General
-
Target
f8ec7bd51e5374d95f75fec64a3a3d61ddd87f3cc5281c96228be7a754255783
-
Size
378KB
-
Sample
220524-3nv35abhd2
-
MD5
2560429059028d6580d5c1025e438a56
-
SHA1
508d63a2e76239940533a8b58aee619f9f130b3b
-
SHA256
f8ec7bd51e5374d95f75fec64a3a3d61ddd87f3cc5281c96228be7a754255783
-
SHA512
5c52ccc6869dcf1976694a78d5783b952cd7e27d8baabeb17d5df3552d0ff6f18c3f7d5505245f45d980321224aababbab18fa370c00dd18e3b196da37c460d0
Malware Config
Extracted
redline
top
185.215.113.75:81
-
auth_value
ff6259bc2baf33b54b454aad484fb0ee
Targets
-
-
Target
f8ec7bd51e5374d95f75fec64a3a3d61ddd87f3cc5281c96228be7a754255783
-
Size
378KB
-
MD5
2560429059028d6580d5c1025e438a56
-
SHA1
508d63a2e76239940533a8b58aee619f9f130b3b
-
SHA256
f8ec7bd51e5374d95f75fec64a3a3d61ddd87f3cc5281c96228be7a754255783
-
SHA512
5c52ccc6869dcf1976694a78d5783b952cd7e27d8baabeb17d5df3552d0ff6f18c3f7d5505245f45d980321224aababbab18fa370c00dd18e3b196da37c460d0
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-