General
-
Target
1bd281c4a31d0dd8a4eabddeb907045babfcdf75b79fe1e15539ed759b20136f
-
Size
348KB
-
Sample
230403-b3rkpsde2w
-
MD5
47ff428bf6766d7aabd47130b4bfd8ba
-
SHA1
9d6ae410231435201a0d4b16861ea40001d4c5f5
-
SHA256
1bd281c4a31d0dd8a4eabddeb907045babfcdf75b79fe1e15539ed759b20136f
-
SHA512
ee478f51ce27470d529ae8fead9bd64be8568952c91cf65ffd3a7046b53b54357f91abc5f89ee17975ce85e7c2fe7518c48cada76d5f5d69e1cfab4c5b6e6257
-
SSDEEP
6144:+fxT5jaoncN/UhQlS7uzYqmLJt/k9Ztkjt:+JTdayukSz1iXSGt
Malware Config
Extracted
redline
@chicago
185.11.61.125:22344
-
auth_value
21f863e0cbd09d0681058e068d0d1d7f
Targets
-
-
Target
1bd281c4a31d0dd8a4eabddeb907045babfcdf75b79fe1e15539ed759b20136f
-
Size
348KB
-
MD5
47ff428bf6766d7aabd47130b4bfd8ba
-
SHA1
9d6ae410231435201a0d4b16861ea40001d4c5f5
-
SHA256
1bd281c4a31d0dd8a4eabddeb907045babfcdf75b79fe1e15539ed759b20136f
-
SHA512
ee478f51ce27470d529ae8fead9bd64be8568952c91cf65ffd3a7046b53b54357f91abc5f89ee17975ce85e7c2fe7518c48cada76d5f5d69e1cfab4c5b6e6257
-
SSDEEP
6144:+fxT5jaoncN/UhQlS7uzYqmLJt/k9Ztkjt:+JTdayukSz1iXSGt
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-