General
-
Target
0x00070000000146b9-198.dat
-
Size
173KB
-
Sample
230612-vk55xsdf4t
-
MD5
cc1612ac6f522cd780df188ad605418c
-
SHA1
6b2a739ce162ccc757c159a1ab603fa9e312ac87
-
SHA256
277e63bcec2355ecc0ab2491f5805623b30b5018ca6ee6d159d2e383ae927b0e
-
SHA512
bb17c64eb754c7c902ebcd2a8b1aa4a7aaa491688f7b3c56ac1ae7a847c1649d11d2910086b4235adbf52e462ebf24bbe07121ee2cbe99baaed320d3f4df115a
-
SSDEEP
3072:qhiSbCnywYdhlHTzBQxNVGVbtlQn8e8hX:UiSbVFp22lQn
Malware Config
Extracted
redline
doro
83.97.73.129:19068
-
auth_value
03f411441fb3fa233179c2cc8ffbce27
Targets
-
-
Target
0x00070000000146b9-198.dat
-
Size
173KB
-
MD5
cc1612ac6f522cd780df188ad605418c
-
SHA1
6b2a739ce162ccc757c159a1ab603fa9e312ac87
-
SHA256
277e63bcec2355ecc0ab2491f5805623b30b5018ca6ee6d159d2e383ae927b0e
-
SHA512
bb17c64eb754c7c902ebcd2a8b1aa4a7aaa491688f7b3c56ac1ae7a847c1649d11d2910086b4235adbf52e462ebf24bbe07121ee2cbe99baaed320d3f4df115a
-
SSDEEP
3072:qhiSbCnywYdhlHTzBQxNVGVbtlQn8e8hX:UiSbVFp22lQn
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-