General
-
Target
84a09fc3eb6a86af69fa554629489d4c660e460895af27fc895dd83dbf4171aa.exe
-
Size
428KB
-
Sample
221216-1mqe5sfg27
-
MD5
a15d453ee7681e49a9dd7f47b209ae3a
-
SHA1
a68ba7b049b886b8ae030bfe3a56bc682ebd611e
-
SHA256
84a09fc3eb6a86af69fa554629489d4c660e460895af27fc895dd83dbf4171aa
-
SHA512
1495f95a49e1abf9fb341b118de19326159c6f79a5bde3f75d2131df4f4a43af34556b2bfe798f54c029d16ad03f51004975dd1351ee5d0a25f377e7fedda096
-
SSDEEP
12288:iCebSV5EX2mMvYeDumK2kTTNxqzpQ6ijqF:6+kXnouLjkK6Z
Malware Config
Extracted
redline
@2023@
193.106.191.138:32796
-
auth_value
ca057e5baadfd0774a34a6a949cd5e69
Targets
-
-
Target
84a09fc3eb6a86af69fa554629489d4c660e460895af27fc895dd83dbf4171aa.exe
-
Size
428KB
-
MD5
a15d453ee7681e49a9dd7f47b209ae3a
-
SHA1
a68ba7b049b886b8ae030bfe3a56bc682ebd611e
-
SHA256
84a09fc3eb6a86af69fa554629489d4c660e460895af27fc895dd83dbf4171aa
-
SHA512
1495f95a49e1abf9fb341b118de19326159c6f79a5bde3f75d2131df4f4a43af34556b2bfe798f54c029d16ad03f51004975dd1351ee5d0a25f377e7fedda096
-
SSDEEP
12288:iCebSV5EX2mMvYeDumK2kTTNxqzpQ6ijqF:6+kXnouLjkK6Z
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-