General
-
Target
fe4d26e9b1918bda1954010e0663132d44aef8b7d3192db79cb17427beb11260
-
Size
291KB
-
Sample
220526-p86hpsbfb4
-
MD5
0aa145be799e0d23197ac24adee25a93
-
SHA1
d7523f7fdda38a239eede78725e7c8ecd73e9d5b
-
SHA256
fe4d26e9b1918bda1954010e0663132d44aef8b7d3192db79cb17427beb11260
-
SHA512
6f6cc19ddc75eab5a8525aa55e65eb8cca201009da2b05843c418648f56053b77ce3caab87da7219ae3b61b509572ae3f1588df11ddd4bfb5e7dc47540221c47
Malware Config
Extracted
redline
top
185.215.113.75:81
-
auth_value
ff6259bc2baf33b54b454aad484fb0ee
Targets
-
-
Target
fe4d26e9b1918bda1954010e0663132d44aef8b7d3192db79cb17427beb11260
-
Size
291KB
-
MD5
0aa145be799e0d23197ac24adee25a93
-
SHA1
d7523f7fdda38a239eede78725e7c8ecd73e9d5b
-
SHA256
fe4d26e9b1918bda1954010e0663132d44aef8b7d3192db79cb17427beb11260
-
SHA512
6f6cc19ddc75eab5a8525aa55e65eb8cca201009da2b05843c418648f56053b77ce3caab87da7219ae3b61b509572ae3f1588df11ddd4bfb5e7dc47540221c47
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-