General
-
Target
5f8b68f141b1c66e809fed0b994a7b27392e1202e7d81631c7a08c5e2acf5e3e
-
Size
322KB
-
Sample
220805-sxpbtscabn
-
MD5
5adf033f3e58cf0b93486eb035c91081
-
SHA1
92f3d22dac6bec17d57d4223e6c8b97de9a6a851
-
SHA256
5f8b68f141b1c66e809fed0b994a7b27392e1202e7d81631c7a08c5e2acf5e3e
-
SHA512
21cb9fa7a641942d10961fc2bc99189808b86aea02fc5ad783402a24ddf313b7cf0810570c5698d4e7f4d261a3e6e86cf12d50e351b29ce48446e74e8e08c7c4
Malware Config
Extracted
redline
AF2
stcontact.top:80
-
auth_value
4d729a2faecb406a0eb1d6fcf30432fa
Targets
-
-
Target
5f8b68f141b1c66e809fed0b994a7b27392e1202e7d81631c7a08c5e2acf5e3e
-
Size
322KB
-
MD5
5adf033f3e58cf0b93486eb035c91081
-
SHA1
92f3d22dac6bec17d57d4223e6c8b97de9a6a851
-
SHA256
5f8b68f141b1c66e809fed0b994a7b27392e1202e7d81631c7a08c5e2acf5e3e
-
SHA512
21cb9fa7a641942d10961fc2bc99189808b86aea02fc5ad783402a24ddf313b7cf0810570c5698d4e7f4d261a3e6e86cf12d50e351b29ce48446e74e8e08c7c4
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-