General
-
Target
SecuriteInfo.com.W32.AIDetect.malware1.11057.19080
-
Size
285KB
-
Sample
220803-w8wrtsebf6
-
MD5
ed82a226b08071bfb5aa205173661af1
-
SHA1
69f389f837b842eccb5efdeddce4c2b92432a5b0
-
SHA256
3c79c2b0938109da24b4e5f41195efc9245cc9fe41a2de463a64126f8c11b550
-
SHA512
e4fefc9bdd53ea3ee862f343028b261d31be3aaba0c9b3572607364e116643f7c3ccd9305e08538d56b8ac95ecd8904893323bfbb3e83fd87a229d1d8b7403e6
Malware Config
Extracted
redline
AF2
stcontact.top:80
-
auth_value
4d729a2faecb406a0eb1d6fcf30432fa
Targets
-
-
Target
SecuriteInfo.com.W32.AIDetect.malware1.11057.19080
-
Size
285KB
-
MD5
ed82a226b08071bfb5aa205173661af1
-
SHA1
69f389f837b842eccb5efdeddce4c2b92432a5b0
-
SHA256
3c79c2b0938109da24b4e5f41195efc9245cc9fe41a2de463a64126f8c11b550
-
SHA512
e4fefc9bdd53ea3ee862f343028b261d31be3aaba0c9b3572607364e116643f7c3ccd9305e08538d56b8ac95ecd8904893323bfbb3e83fd87a229d1d8b7403e6
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-