General
Target: 9913504a74de096106cb5478e8e93d11.exe
Size: 175KB
Sample: 221220-j29znaha65
MD5: 9913504a74de096106cb5478e8e93d11
SHA1: f0a750810ffb64949163d5ee53602e232138ad1c
SHA256: 354437133a6172ccd7dc61f717030321be96fa478a4b0736edf63d6badd91db8
SHA512: 4093fecbef945508596c4041a3219c1316bdbadec0c2440759151c76a5a2d80dc9a1f1bb8643a9fa402faba2208a391ac5982fcf642a4b908006e9c273ba2299
SSDEEP: 3072:jxqZWZxamUaY3hvvxljrh7eL7F7hoLxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0J:1qZZhvvn3G7h
Behavioral task: behavioral1
Sample: 9913504a74de096106cb5478e8e93d11.exe
Resource: win7-20220812-en

Behavioral task: behavioral2
Sample: 9913504a74de096106cb5478e8e93d11.exe
Resource: win10v2004-20220812-en
Malware Config
Extracted: redline
Pto100TraF333
82.115.223.15:15486
auth_value: d4c53e9109a4b130f5246d494cd30e4d
Targets
Target: 9913504a74de096106cb5478e8e93d11.exe
Size: 175KB
MD5: 9913504a74de096106cb5478e8e93d11
SHA1: f0a750810ffb64949163d5ee53602e232138ad1c
SHA256: 354437133a6172ccd7dc61f717030321be96fa478a4b0736edf63d6badd91db8
SHA512: 4093fecbef945508596c4041a3219c1316bdbadec0c2440759151c76a5a2d80dc9a1f1bb8643a9fa402faba2208a391ac5982fcf642a4b908006e9c273ba2299
SSDEEP: 3072:jxqZWZxamUaY3hvvxljrh7eL7F7hoLxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0J:1qZZhvvn3G7h

Signatures
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.