General
-
Target
e2ce4621d10b4c54ba2a89b201fe0ab752bdbe47192002bf20fbb29541c0708e
-
Size
378KB
-
Sample
220617-lnwafsdhh7
-
MD5
b14040c91bbba2dc68e451435467f3d7
-
SHA1
dfca59003133184907a1394240ea8f4d108fa8d6
-
SHA256
e2ce4621d10b4c54ba2a89b201fe0ab752bdbe47192002bf20fbb29541c0708e
-
SHA512
f839af9b5dd39ae39b6632809f236408c8e01ecd99c29c2ef2af40e73cd75b779cee759fdace2cea8a884d90ab057a77e478cf29ba5b56cb3a767c78c62443ce
Malware Config
Extracted
redline
META
193.106.191.245:23196
-
auth_value
2ea67e19fe494687c77a179004b4a1c8
Targets
-
-
Target
e2ce4621d10b4c54ba2a89b201fe0ab752bdbe47192002bf20fbb29541c0708e
-
Size
378KB
-
MD5
b14040c91bbba2dc68e451435467f3d7
-
SHA1
dfca59003133184907a1394240ea8f4d108fa8d6
-
SHA256
e2ce4621d10b4c54ba2a89b201fe0ab752bdbe47192002bf20fbb29541c0708e
-
SHA512
f839af9b5dd39ae39b6632809f236408c8e01ecd99c29c2ef2af40e73cd75b779cee759fdace2cea8a884d90ab057a77e478cf29ba5b56cb3a767c78c62443ce
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-