General

Target: fd3a350fced4a0a359909080958c80954a7cd0f7b2f9c0bc0a876704230ade78
Size: 406KB
Sample: 230306-gkhsqsad5v
MD5: 0c997cd5e64be3711a272f5a5cedc43d
SHA1: 1a1d8c6b63836dc91aa43fbd08701e021715159a
SHA256: fd3a350fced4a0a359909080958c80954a7cd0f7b2f9c0bc0a876704230ade78
SHA512: 9f76b31848fc77cbcccb1fc49f657653eb93e67b1ee4553100fcdc02e22256973a8640dcca9b92ac384eaeb4537a78358164604be647841c807c563c39552424
SSDEEP: 6144:WEBXLEc3WMW/qELayTmuBIXNUkHzeGgvgjTYGEOrm:Hgc3DW/suBmSezeGzj

Static task
static1

Behavioral task
behavioral1
Sample: fd3a350fced4a0a359909080958c80954a7cd0f7b2f9c0bc0a876704230ade78.exe
Resource: win10v2004-20230220-en
Malware Config

Targets

Target: fd3a350fced4a0a359909080958c80954a7cd0f7b2f9c0bc0a876704230ade78
Size: 406KB
MD5: 0c997cd5e64be3711a272f5a5cedc43d
SHA1: 1a1d8c6b63836dc91aa43fbd08701e021715159a
SHA256: fd3a350fced4a0a359909080958c80954a7cd0f7b2f9c0bc0a876704230ade78
SHA512: 9f76b31848fc77cbcccb1fc49f657653eb93e67b1ee4553100fcdc02e22256973a8640dcca9b92ac384eaeb4537a78358164604be647841c807c563c39552424
SSDEEP: 6144:WEBXLEc3WMW/qELayTmuBIXNUkHzeGgvgjTYGEOrm:Hgc3DW/suBmSezeGzj
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
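The last two signatures are behavioural: the sandbox sees the process walk the Uninstall registry keys and open files under wallet directories. The following Python is an added example, not code from the Triage report or from the RedLine sample, that applies the same two checks to a constructed behavioural log. The log format (`<pid> <operation> <path>`), the wallet directory names, and the function names are assumptions; the Uninstall key under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion is the standard location, with the WOW6432Node and HKCU variants added as the usual mirrors.

```python
import re
from dataclasses import dataclass, field

# Registry keys whose enumeration the "Checks installed software" signature describes.
# HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall is the standard location;
# the WOW6432Node and HKCU variants are the usual per-architecture / per-user mirrors.
UNINSTALL_KEY_RE = re.compile(
    r"^(HKEY_LOCAL_MACHINE|HKLM|HKEY_CURRENT_USER|HKCU)\\SOFTWARE\\(WOW6432Node\\)?"
    r"Microsoft\\Windows\\CurrentVersion\\Uninstall(\\|$)",
    re.IGNORECASE,
)

# Wallet storage locations for the "Accesses cryptocurrency files/wallets" signature.
# Assumed, well-known default paths for the named wallets; the report does not list
# which files this particular sample touched.
WALLET_PATH_RE = re.compile(
    r"\\(Exodus\\exodus\.wallet|Electrum\\wallets|atomic\\Local Storage\\leveldb"
    r"|Ethereum\\keystore)(\\|$)",
    re.IGNORECASE,
)

# One behavioural event per line: "<pid> <operation> <path>" (assumed, simplified
# format; real sandbox exports carry more columns).
EVENT_RE = re.compile(
    r"^(?P<pid>\d+)\s+(?P<op>RegOpenKey|RegEnumKey|RegQueryValue|CreateFile|ReadFile)\s+(?P<path>.+)$"
)


@dataclass
class Findings:
    uninstall_keys: list = field(default_factory=list)
    wallet_paths: list = field(default_factory=list)


def parse_event(line):
    """Return (pid, op, path) for a well-formed event line, else None."""
    m = EVENT_RE.match(line.strip())
    return (m["pid"], m["op"], m["path"]) if m else None


def classify(lines):
    """Bucket registry and file events into the two behaviours the report flags."""
    findings = Findings()
    for line in lines:
        event = parse_event(line)
        if event is None:
            continue  # blank or unrecognised line
        _, op, path = event
        if op.startswith("Reg") and UNINSTALL_KEY_RE.match(path):
            findings.uninstall_keys.append(path)
        elif op in ("CreateFile", "ReadFile") and WALLET_PATH_RE.search(path):
            findings.wallet_paths.append(path)
    return findings


def signatures(findings):
    """Map findings onto the signature names used in the report."""
    hits = []
    if findings.uninstall_keys:
        hits.append("Checks installed software on the system")
    if findings.wallet_paths:
        hits.append("Accesses cryptocurrency files/wallets, possible credential harvesting")
    return hits


# Constructed sample log (not from the report): a process walking the Uninstall keys,
# then opening two wallet files, plus unrelated noise that must not match.
SAMPLE_LOG = r"""
1234 RegOpenKey HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
1234 RegEnumKey HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip
1234 RegQueryValue HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip\DisplayName
1234 RegOpenKey HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall
1234 RegOpenKey HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
1234 CreateFile C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\seed.seco
1234 ReadFile C:\Users\user\AppData\Roaming\Electrum\wallets\default_wallet
1234 CreateFile C:\Users\user\AppData\Local\Temp\tmp1.dat
""".splitlines()

if __name__ == "__main__":
    found = classify(SAMPLE_LOG)
    for name in signatures(found):
        print(name)
    print(f"{len(found.uninstall_keys)} Uninstall-key accesses, "
          f"{len(found.wallet_paths)} wallet-file accesses")
```

Matching on the Uninstall key alone is noisy in production, since installers and inventory agents read it too; the report's verdict rests on the combination with the wallet-file access and the RedLine payload match, and a detection rule built from this should likewise require both behaviours from the same process.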