General
-
Target
eb8a15fe1d31e87d44fe515850c121d89e0b3a1db9ce09528ef599d5dc1131e6
-
Size
413KB
-
Sample
220623-m7bktscfhm
-
MD5
6de981f554f3263040e21ebd3f62bdb7
-
SHA1
499bd5ab252f91194f3ea926883d54b813a06d6b
-
SHA256
eb8a15fe1d31e87d44fe515850c121d89e0b3a1db9ce09528ef599d5dc1131e6
-
SHA512
e6a0d901b0e665bdccdefc73aa055b8a795bb8ea06d5c639989a9d076d6567037a170ac805d78c31e40c27105a02c85594c6233eda9deefb8bec88c7b0976d9b
Malware Config
Extracted
redline
RUZKI
193.106.191.246:23196
-
auth_value
121027c094f768a0a0e9b562f6417952
Targets
-
-
Target
eb8a15fe1d31e87d44fe515850c121d89e0b3a1db9ce09528ef599d5dc1131e6
-
Size
413KB
-
MD5
6de981f554f3263040e21ebd3f62bdb7
-
SHA1
499bd5ab252f91194f3ea926883d54b813a06d6b
-
SHA256
eb8a15fe1d31e87d44fe515850c121d89e0b3a1db9ce09528ef599d5dc1131e6
-
SHA512
e6a0d901b0e665bdccdefc73aa055b8a795bb8ea06d5c639989a9d076d6567037a170ac805d78c31e40c27105a02c85594c6233eda9deefb8bec88c7b0976d9b
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-