General
-
Target
1263d8fdd774c5630c95f8d285f5088fad77cc98e05e23612b7242896d11d02c
-
Size
443KB
-
Sample
220810-vrp3aaegh3
-
MD5
db7897d5024be65b1041f66f3fcdf698
-
SHA1
42d6f557a7b72447cbec8d78ec5dfb32a0223c97
-
SHA256
1263d8fdd774c5630c95f8d285f5088fad77cc98e05e23612b7242896d11d02c
-
SHA512
e6fdab1083ae6c5fd0af74381745a0b03652b3c6b9083a7c85ab7a6bd52a19f12480fef66b188d2a1de63cab12cc87bc5780fb9d6673c10a9ff4813e85d990aa
Malware Config
Extracted
redline
ruzki
193.106.191.165:39482
-
auth_value
71a0558c0eea274a5bd617ea85786884
Targets
-
-
Target
1263d8fdd774c5630c95f8d285f5088fad77cc98e05e23612b7242896d11d02c
-
Size
443KB
-
MD5
db7897d5024be65b1041f66f3fcdf698
-
SHA1
42d6f557a7b72447cbec8d78ec5dfb32a0223c97
-
SHA256
1263d8fdd774c5630c95f8d285f5088fad77cc98e05e23612b7242896d11d02c
-
SHA512
e6fdab1083ae6c5fd0af74381745a0b03652b3c6b9083a7c85ab7a6bd52a19f12480fef66b188d2a1de63cab12cc87bc5780fb9d6673c10a9ff4813e85d990aa
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-