General
-
Target
d881bfb3c1dd896f2ff9677b56a5aa3c19f99403494b2d5c34ddd68c7ed95875
-
Size
389KB
-
Sample
220616-13wl4abhc3
-
MD5
39e3c00cae06c253e615ed4cc6efc51e
-
SHA1
13c56e383e0865f2bd3f9b44450d792f129b63fe
-
SHA256
d881bfb3c1dd896f2ff9677b56a5aa3c19f99403494b2d5c34ddd68c7ed95875
-
SHA512
be2aae4acb01451e32fd782c8cbc9a2ec578b22e21b1898fcab334dce5ce7d0dbd95ffc91012502f36e72ec9d8f0e67b0316b5b39a46903fcf3379c924f877dd
Malware Config
Extracted
redline
META
193.106.191.245:23196
-
auth_value
2ea67e19fe494687c77a179004b4a1c8
Targets
-
-
Target
d881bfb3c1dd896f2ff9677b56a5aa3c19f99403494b2d5c34ddd68c7ed95875
-
Size
389KB
-
MD5
39e3c00cae06c253e615ed4cc6efc51e
-
SHA1
13c56e383e0865f2bd3f9b44450d792f129b63fe
-
SHA256
d881bfb3c1dd896f2ff9677b56a5aa3c19f99403494b2d5c34ddd68c7ed95875
-
SHA512
be2aae4acb01451e32fd782c8cbc9a2ec578b22e21b1898fcab334dce5ce7d0dbd95ffc91012502f36e72ec9d8f0e67b0316b5b39a46903fcf3379c924f877dd
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-