General
-
Target
99e029131148d09b427e5b2e4859ded511aa569161c2c31f80250cec61b62154
-
Size
175KB
-
Sample
230122-yb9zasbe5s
-
MD5
8959136f8f925f4dc1c5d1d61bc5a98c
-
SHA1
490d66f171581e0f7e9af5881a631a692b84a1c3
-
SHA256
99e029131148d09b427e5b2e4859ded511aa569161c2c31f80250cec61b62154
-
SHA512
c3b9d13ef1929e97f5727c329be472c0199ccbc121457af609f1dff0196e24476434e65e73bff9e761dae2d5706c43e88981276a3115dfe43d69361ccf1f40a1
-
SSDEEP
3072:txqZWb6aJ4lxTTxaJKd4xeo58khxnxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jj:3qZTTxaIqykh
Malware Config
Extracted
redline
st1
librchichelpai.shop:81
rniwondunuifac.shop:81
-
auth_value
a7232a45d6034ee2454fc434093d8f12
Targets
-
-
Target
99e029131148d09b427e5b2e4859ded511aa569161c2c31f80250cec61b62154
-
Size
175KB
-
MD5
8959136f8f925f4dc1c5d1d61bc5a98c
-
SHA1
490d66f171581e0f7e9af5881a631a692b84a1c3
-
SHA256
99e029131148d09b427e5b2e4859ded511aa569161c2c31f80250cec61b62154
-
SHA512
c3b9d13ef1929e97f5727c329be472c0199ccbc121457af609f1dff0196e24476434e65e73bff9e761dae2d5706c43e88981276a3115dfe43d69361ccf1f40a1
-
SSDEEP
3072:txqZWb6aJ4lxTTxaJKd4xeo58khxnxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jj:3qZTTxaIqykh
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-