General

Target: fbc50974e315f91f2c863aabcc788cb69e318edb45c1395d4c99307ad1266601
Size: 337KB
Sample: 230202-wfbaesbc71
MD5: 5a41a576ecb08ed8465bcdfedc8b677d
SHA1: 67d5f422059889450d244e1594d25d3e87ad80b2
SHA256: fbc50974e315f91f2c863aabcc788cb69e318edb45c1395d4c99307ad1266601
SHA512: cf98e8da2e1e9af332fcde5b8cd4af6fc5075542b68e9b3b88681e021f23ff8c456eb4c9fe090ec1daa275c49abfb765c4afd08581e28d15e837819e7a1d0fc2
SSDEEP: 6144:nbDQmioYCCAYp5fRZOVANlZ1iJ5ZccG7uMR9NX23BoIgPEDZCO4lw1JedPlC:nbDQ7LpDcVAN1lDm3BoIgPEDZCO4lw1H
Malware Config

Extracted family: redline
Botnet: 24.01
C2: 37.220.86.164:29170
auth_value: 1c7f0aa21138601b5201a3a4a0123991
Targets

Target: fbc50974e315f91f2c863aabcc788cb69e318edb45c1395d4c99307ad1266601 (hashes as listed under General above)
Signatures

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.