General
-
Target
48e66949bf56464769460d4a9e5a1b9dec551e6eaa168c8ceb92320dc68b4859
-
Size
445KB
-
Sample
220810-hyhkkafabj
-
MD5
2fd3a42473810176e31ba931b657cc02
-
SHA1
0605d0d19c99ec4ffabf91e0a48ab8eb0816fd0b
-
SHA256
48e66949bf56464769460d4a9e5a1b9dec551e6eaa168c8ceb92320dc68b4859
-
SHA512
cc50990d9f35b641b0e0d54f91b14bd4125682c03f20e2f6a9edd07eefc1d42131941bcc86c274e8d8db3c7ac82bab30f3487d6acf548de66f5d7c166e1a36e0
Malware Config
Extracted
redline
ruzki
193.106.191.165:39482
-
auth_value
71a0558c0eea274a5bd617ea85786884
Targets
-
-
Target
48e66949bf56464769460d4a9e5a1b9dec551e6eaa168c8ceb92320dc68b4859
-
Size
445KB
-
MD5
2fd3a42473810176e31ba931b657cc02
-
SHA1
0605d0d19c99ec4ffabf91e0a48ab8eb0816fd0b
-
SHA256
48e66949bf56464769460d4a9e5a1b9dec551e6eaa168c8ceb92320dc68b4859
-
SHA512
cc50990d9f35b641b0e0d54f91b14bd4125682c03f20e2f6a9edd07eefc1d42131941bcc86c274e8d8db3c7ac82bab30f3487d6acf548de66f5d7c166e1a36e0
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-