General
-
Target
45c3880763fb3fc1a3ee4ad0ba8f35a8040d715eec45eb2557836918e44bbec6
-
Size
430KB
-
Sample
220706-tmjt2aggh9
-
MD5
50ae629a18a3a9d513d40e0d40ca3842
-
SHA1
8c029ccfd126a6c17c1ead8959e0cdfd0afac31e
-
SHA256
45c3880763fb3fc1a3ee4ad0ba8f35a8040d715eec45eb2557836918e44bbec6
-
SHA512
13e80b4d0df6872d94cf71ef7e97396189d9ad6846c991b06db18dc25bba8bcd834b118b809e5b2cb62fc323638e4ae95d0210664bce6a5d1fc2036801ff2ea8
Malware Config
Extracted
redline
ib1.4
levelcupsecurity.eu:80
-
auth_value
363e918b58f663fdb3c6d525cf98d4b0
Targets
-
-
Target
45c3880763fb3fc1a3ee4ad0ba8f35a8040d715eec45eb2557836918e44bbec6
-
Size
430KB
-
MD5
50ae629a18a3a9d513d40e0d40ca3842
-
SHA1
8c029ccfd126a6c17c1ead8959e0cdfd0afac31e
-
SHA256
45c3880763fb3fc1a3ee4ad0ba8f35a8040d715eec45eb2557836918e44bbec6
-
SHA512
13e80b4d0df6872d94cf71ef7e97396189d9ad6846c991b06db18dc25bba8bcd834b118b809e5b2cb62fc323638e4ae95d0210664bce6a5d1fc2036801ff2ea8
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-