General
-
Target
6f22957c75accbbaeee9728d591aff3fa5e28bef8e43aea1a4ab79f8350225a3
-
Size
384KB
-
Sample
220523-pcmeysgfam
-
MD5
3a391e65bc495c9239f99e8579e128fd
-
SHA1
9dd20168d63be6ed9a412dc7a2b2e8a920d6f0bb
-
SHA256
6f22957c75accbbaeee9728d591aff3fa5e28bef8e43aea1a4ab79f8350225a3
-
SHA512
e1baadacdc2f3085a72c6c2216d9cd97dd2bfae59a02bd027844d9a8269ab5214f1879a47c00d3757e1dd67979456b9ddff3c6c327b936d178bf6f38c8e9181a
Malware Config
Extracted
redline
meta1
193.106.191.182:23196
-
auth_value
9a16ce2cecb89012977449117f5e8d58
Targets
-
-
Target
6f22957c75accbbaeee9728d591aff3fa5e28bef8e43aea1a4ab79f8350225a3
-
Size
384KB
-
MD5
3a391e65bc495c9239f99e8579e128fd
-
SHA1
9dd20168d63be6ed9a412dc7a2b2e8a920d6f0bb
-
SHA256
6f22957c75accbbaeee9728d591aff3fa5e28bef8e43aea1a4ab79f8350225a3
-
SHA512
e1baadacdc2f3085a72c6c2216d9cd97dd2bfae59a02bd027844d9a8269ab5214f1879a47c00d3757e1dd67979456b9ddff3c6c327b936d178bf6f38c8e9181a
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-