General
-
Target
4de573090d1b7d203a6234b77a1c1223e8c0bca291df048d7ffbca236ab43109
-
Size
388KB
-
Sample
220627-h6pnvahefn
-
MD5
195e22930fb34e9eb87718857f627cdc
-
SHA1
d2421595c4837729c9597b3190631190d69fba1d
-
SHA256
4de573090d1b7d203a6234b77a1c1223e8c0bca291df048d7ffbca236ab43109
-
SHA512
99e91bc340b472532a4947d072e856083eb540360f6055a51907d4306eef397fd23b8add64218a072542a8cdd33ef985c28b1faa6e6717e525e5c0f97486723a
Malware Config
Extracted
redline
RUZKI
193.106.191.246:23196
-
auth_value
121027c094f768a0a0e9b562f6417952
Targets
-
-
Target
4de573090d1b7d203a6234b77a1c1223e8c0bca291df048d7ffbca236ab43109
-
Size
388KB
-
MD5
195e22930fb34e9eb87718857f627cdc
-
SHA1
d2421595c4837729c9597b3190631190d69fba1d
-
SHA256
4de573090d1b7d203a6234b77a1c1223e8c0bca291df048d7ffbca236ab43109
-
SHA512
99e91bc340b472532a4947d072e856083eb540360f6055a51907d4306eef397fd23b8add64218a072542a8cdd33ef985c28b1faa6e6717e525e5c0f97486723a
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-