General
-
Target
file.exe
-
Size
364KB
-
Sample
221116-ylyn1scf93
-
MD5
9dc76001fd86276b1977e8b3828e1b9a
-
SHA1
564169520e678ad491c76de3a2233fbfdc8701bb
-
SHA256
9b0dcedc8a4c32da08c19d28514994d0bbf63f9b197d564a8c0ca0804ad4a6ff
-
SHA512
e458b44098132a7cf61961396e68fab19b2de39604d03b1efd8135a94b0797df2dddb5d580569e15325d26781453741a5579f6311c156e6965adaa734ef6ec87
-
SSDEEP
6144:kJkLHzE9ehStISpMaxNsSYVg+0RUSjTvN/a:kCLY9ehKRhRbTl
Malware Config
Extracted
redline
neruz
193.106.191.27:47242
-
auth_value
0169a8759f3c9be473f782b96a6ff704
Targets
-
-
Target
file.exe
-
Size
364KB
-
MD5
9dc76001fd86276b1977e8b3828e1b9a
-
SHA1
564169520e678ad491c76de3a2233fbfdc8701bb
-
SHA256
9b0dcedc8a4c32da08c19d28514994d0bbf63f9b197d564a8c0ca0804ad4a6ff
-
SHA512
e458b44098132a7cf61961396e68fab19b2de39604d03b1efd8135a94b0797df2dddb5d580569e15325d26781453741a5579f6311c156e6965adaa734ef6ec87
-
SSDEEP
6144:kJkLHzE9ehStISpMaxNsSYVg+0RUSjTvN/a:kCLY9ehKRhRbTl
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-