General
-
Target
d315efdd07dada247ff5a33f95fc74e0f1503f0a4bdbc5fed5ddbd040cd3eaa7
-
Size
291KB
-
Sample
220526-pzf7fsfdbn
-
MD5
f5235ad54325f1eac5b4845bfeda104d
-
SHA1
9dd19514fc91331e7a77e86ed4e23d8e311758cb
-
SHA256
d315efdd07dada247ff5a33f95fc74e0f1503f0a4bdbc5fed5ddbd040cd3eaa7
-
SHA512
8fb2be6202846c2a1f53ce8b54555298e262b8161619a66520adf0a8e714243fe9ee880620f07adbc7eadcbf22bb2c405c268e49e21ee8798b6e1b7cfbacd607
Malware Config
Extracted
redline
top
185.215.113.75:81
-
auth_value
ff6259bc2baf33b54b454aad484fb0ee
Targets
-
-
Target
d315efdd07dada247ff5a33f95fc74e0f1503f0a4bdbc5fed5ddbd040cd3eaa7
-
Size
291KB
-
MD5
f5235ad54325f1eac5b4845bfeda104d
-
SHA1
9dd19514fc91331e7a77e86ed4e23d8e311758cb
-
SHA256
d315efdd07dada247ff5a33f95fc74e0f1503f0a4bdbc5fed5ddbd040cd3eaa7
-
SHA512
8fb2be6202846c2a1f53ce8b54555298e262b8161619a66520adf0a8e714243fe9ee880620f07adbc7eadcbf22bb2c405c268e49e21ee8798b6e1b7cfbacd607
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-