General
-
Target
871b8b2f506bc6c004318fbc85bf092c26a783a7f7eb5ce6bd26de7dba0b9cda
-
Size
352KB
-
Sample
220811-el3s7aaedq
-
MD5
a0ad00e044382a1ed575cd503469ddce
-
SHA1
e460f250d6a7b5a871332b60ac660a256558d629
-
SHA256
871b8b2f506bc6c004318fbc85bf092c26a783a7f7eb5ce6bd26de7dba0b9cda
-
SHA512
59f49bb9b07a2fe9ed41b4fc769e4411f80d67f862af86c1e9f4e20ee8de5bbddd7a194448575c6b96a2f3207260d97761d9c4ec4105efec5cf0b6e3de5b122f
Malware Config
Extracted
redline
ruzki
193.106.191.165:39482
-
auth_value
71a0558c0eea274a5bd617ea85786884
Targets
-
-
Target
871b8b2f506bc6c004318fbc85bf092c26a783a7f7eb5ce6bd26de7dba0b9cda
-
Size
352KB
-
MD5
a0ad00e044382a1ed575cd503469ddce
-
SHA1
e460f250d6a7b5a871332b60ac660a256558d629
-
SHA256
871b8b2f506bc6c004318fbc85bf092c26a783a7f7eb5ce6bd26de7dba0b9cda
-
SHA512
59f49bb9b07a2fe9ed41b4fc769e4411f80d67f862af86c1e9f4e20ee8de5bbddd7a194448575c6b96a2f3207260d97761d9c4ec4105efec5cf0b6e3de5b122f
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-