General
-
Target
0x000600000001420f-116.dat
-
Size
145KB
-
Sample
230515-b4trfsec78
-
MD5
1fefec59fe6cfa6c7006da61a92a7b47
-
SHA1
361fea41fed0797c7a659566802fd5701caadd37
-
SHA256
d8bed40ec4556eac0e3923e9754c30ba2b84ba9588babe82191321d336f85374
-
SHA512
d5722af02b8965e325dc6f347af84309892240e6d1fe1e4ab8b96abe72ef10c4d7b4f452a9d1fca40961c21cf634cf51910d54efbd60febf5b6d258f4cd96957
-
SSDEEP
3072:5V+m5cVQmRSxIEN1MjdVti90hSZ18e8h4:5j49k90hSP
Malware Config
Extracted
redline
larry
185.161.248.75:4132
-
auth_value
9039557bb7a08f5f2f60e2b71e1dee0e
Targets
-
-
Target
0x000600000001420f-116.dat
-
Size
145KB
-
MD5
1fefec59fe6cfa6c7006da61a92a7b47
-
SHA1
361fea41fed0797c7a659566802fd5701caadd37
-
SHA256
d8bed40ec4556eac0e3923e9754c30ba2b84ba9588babe82191321d336f85374
-
SHA512
d5722af02b8965e325dc6f347af84309892240e6d1fe1e4ab8b96abe72ef10c4d7b4f452a9d1fca40961c21cf634cf51910d54efbd60febf5b6d258f4cd96957
-
SSDEEP
3072:5V+m5cVQmRSxIEN1MjdVti90hSZ18e8h4:5j49k90hSP
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-