General
- Target: cac9c1edb035eec6f2d552ec3ca96145.exe
- Size: 425KB
- Sample: 230206-n9q9qsha9x
- MD5: cac9c1edb035eec6f2d552ec3ca96145
- SHA1: 1c980162ae50cbaf1b479d7bc9575faa55a53504
- SHA256: 29cc22cd2167fcc12eb0f555d6f7b4ec0be43c76d03ea53e35ecf3464c5e4efa
- SHA512: 31c1998d244cb0a9613cb8544f4de636194a636dd98015ab04d14cfdd72b3db3503e98c72a319dce2251979d9fa8c1dbb8ff95beeb89dc9cd9a183a1530dd84f
- SSDEEP: 6144:QELRf00cREAnFclEoFvd84hM4kaTRfUx9+Ypuk6owt:QEdf0kAnQH184qaBqRprI
Static task: static1
Behavioral task: behavioral1
- Sample: cac9c1edb035eec6f2d552ec3ca96145.exe
- Resource: win7-20221111-en
Malware Config
Extracted
- redline
- bilod
- 193.233.20.7:4138
- auth_value: 407a8c8d5a1f9a3348afc8c6b0155512
Targets
- Target: cac9c1edb035eec6f2d552ec3ca96145.exe
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.