General
-
Target
d46448d7b7672d1cac1650ac80e0fc09ae77735e4457b00de0df9f610218fe5b
-
Size
389KB
-
Sample
220627-ng4dlacfe2
-
MD5
b5f64f5e5c08523ecd617c1a8b3fa3b8
-
SHA1
8e86b9ccd01fb2c5e6b81b952e150d07bfe373cd
-
SHA256
d46448d7b7672d1cac1650ac80e0fc09ae77735e4457b00de0df9f610218fe5b
-
SHA512
67f98a35edf90bd0003b4de6015909b616dcf65612a02f5d76a19284e325c461d7c9d1be57343b93f4627bd5ca2802b7cb1e1cc32fde257cc6f52b7a39771019
Malware Config
Extracted
redline
RUZKI
193.106.191.246:23196
-
auth_value
121027c094f768a0a0e9b562f6417952
Targets
-
-
Target
d46448d7b7672d1cac1650ac80e0fc09ae77735e4457b00de0df9f610218fe5b
-
Size
389KB
-
MD5
b5f64f5e5c08523ecd617c1a8b3fa3b8
-
SHA1
8e86b9ccd01fb2c5e6b81b952e150d07bfe373cd
-
SHA256
d46448d7b7672d1cac1650ac80e0fc09ae77735e4457b00de0df9f610218fe5b
-
SHA512
67f98a35edf90bd0003b4de6015909b616dcf65612a02f5d76a19284e325c461d7c9d1be57343b93f4627bd5ca2802b7cb1e1cc32fde257cc6f52b7a39771019
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-