General
-
Target
8b08fce2936c8363994dda1d6e9ddadf.exe
-
Size
175KB
-
Sample
221205-q34btseg69
-
MD5
8b08fce2936c8363994dda1d6e9ddadf
-
SHA1
15cfdfe6e406c0e69d2e6261b898b97eed6f34e2
-
SHA256
3f665abde637a3c65e46e96daeb9aa15c8dda5e2ed2fee15048d4fa790e66991
-
SHA512
925ad9dbe1681a3494450978217c0dd98b637e681a9713280756908f444bef95cf9b9649aa80383561ec59b5951885901b16227e9853c1111a4271ab8e1d0b67
-
SSDEEP
3072:RxqZWPTa9ApGv8fdUTeuWFXhITxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOuwH:DqZv8fG2Xh
Malware Config
Extracted
redline
Wish
31.41.244.14:4694
-
auth_value
836b5b05c28f01127949ef1e84b93e92
Targets
-
-
Target
8b08fce2936c8363994dda1d6e9ddadf.exe
-
Size
175KB
-
MD5
8b08fce2936c8363994dda1d6e9ddadf
-
SHA1
15cfdfe6e406c0e69d2e6261b898b97eed6f34e2
-
SHA256
3f665abde637a3c65e46e96daeb9aa15c8dda5e2ed2fee15048d4fa790e66991
-
SHA512
925ad9dbe1681a3494450978217c0dd98b637e681a9713280756908f444bef95cf9b9649aa80383561ec59b5951885901b16227e9853c1111a4271ab8e1d0b67
-
SSDEEP
3072:RxqZWPTa9ApGv8fdUTeuWFXhITxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOuwH:DqZv8fG2Xh
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-