General
-
Target
b2f549f799f556e67aae99c2833f649c38b716bca2dae18b7498e0b91b3056ed
-
Size
421KB
-
Sample
220618-mxtzesahd4
-
MD5
1d26025d8020324e5ce6bd436395081c
-
SHA1
c3abac4b845cf6a2b7533fbfc5c2d0b8808e10f5
-
SHA256
b2f549f799f556e67aae99c2833f649c38b716bca2dae18b7498e0b91b3056ed
-
SHA512
ecac151872533d79ffc08279fdb690552f55022c2041bbef82508335a6cb926a47d632b9b1da529368866f4e4d3e7c6afeeb925dd1341096dfa1e99964ffb0d5
Malware Config
Extracted
redline
META
193.106.191.245:23196
-
auth_value
2ea67e19fe494687c77a179004b4a1c8
Targets
-
-
Target
b2f549f799f556e67aae99c2833f649c38b716bca2dae18b7498e0b91b3056ed
-
Size
421KB
-
MD5
1d26025d8020324e5ce6bd436395081c
-
SHA1
c3abac4b845cf6a2b7533fbfc5c2d0b8808e10f5
-
SHA256
b2f549f799f556e67aae99c2833f649c38b716bca2dae18b7498e0b91b3056ed
-
SHA512
ecac151872533d79ffc08279fdb690552f55022c2041bbef82508335a6cb926a47d632b9b1da529368866f4e4d3e7c6afeeb925dd1341096dfa1e99964ffb0d5
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-