General
-
Target
b46deba31cc00132c84c7315a720b3bdef52727396c100bdf93e36ec3af6032a
-
Size
405KB
-
Sample
220524-y4mz8sbefq
-
MD5
eb0bc30d25e8d81237f6030e2703d73e
-
SHA1
8a3e47ea79077ffe0eadd37055aa747ae1001aab
-
SHA256
b46deba31cc00132c84c7315a720b3bdef52727396c100bdf93e36ec3af6032a
-
SHA512
a2bda0247931159abf9604f972c01146588c03080a2180f8d5eab5be371630178e8c21aed9ee4ccc21e09b8220fcde8ff83b811da4daaafedfe572904975f5a4
Malware Config
Extracted
redline
top
185.215.113.75:81
-
auth_value
ff6259bc2baf33b54b454aad484fb0ee
Targets
-
-
Target
b46deba31cc00132c84c7315a720b3bdef52727396c100bdf93e36ec3af6032a
-
Size
405KB
-
MD5
eb0bc30d25e8d81237f6030e2703d73e
-
SHA1
8a3e47ea79077ffe0eadd37055aa747ae1001aab
-
SHA256
b46deba31cc00132c84c7315a720b3bdef52727396c100bdf93e36ec3af6032a
-
SHA512
a2bda0247931159abf9604f972c01146588c03080a2180f8d5eab5be371630178e8c21aed9ee4ccc21e09b8220fcde8ff83b811da4daaafedfe572904975f5a4
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-