General
-
Target
804b6c5d602064a06df2992ee5e416a52bab1a1718f8f4a9b80419207df12b76
-
Size
378KB
-
Sample
220617-sdvdqsehg4
-
MD5
f03e1eb23f22097f8b765543d95f0011
-
SHA1
5ca869cd62fc23c12ff9735617bdab5b9f3cb8c2
-
SHA256
804b6c5d602064a06df2992ee5e416a52bab1a1718f8f4a9b80419207df12b76
-
SHA512
66073acc3fb446114a737363f5413b52d4115f575ccb8bae0d36dd7261d669ae22b019cb54cc92f9e07e788df36ec1875f0b04706cf2c75ea1db24055e9145d5
Malware Config
Extracted
redline
META
193.106.191.245:23196
-
auth_value
2ea67e19fe494687c77a179004b4a1c8
Targets
-
-
Target
804b6c5d602064a06df2992ee5e416a52bab1a1718f8f4a9b80419207df12b76
-
Size
378KB
-
MD5
f03e1eb23f22097f8b765543d95f0011
-
SHA1
5ca869cd62fc23c12ff9735617bdab5b9f3cb8c2
-
SHA256
804b6c5d602064a06df2992ee5e416a52bab1a1718f8f4a9b80419207df12b76
-
SHA512
66073acc3fb446114a737363f5413b52d4115f575ccb8bae0d36dd7261d669ae22b019cb54cc92f9e07e788df36ec1875f0b04706cf2c75ea1db24055e9145d5
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-