General
-
Target
027dbbf2acf690443025d4c2f1f3efe43b30fc0b824cc5626ec9a78bc5f65528
-
Size
267KB
-
Sample
230616-ngl5baeg34
-
MD5
bd22154c5c33825bfcc25e82e04039d4
-
SHA1
927905bddb1f93de39325dbd66a4cfa057734b6d
-
SHA256
027dbbf2acf690443025d4c2f1f3efe43b30fc0b824cc5626ec9a78bc5f65528
-
SHA512
c6c3015698a72d48e427cba2ec08efd26b47ad0376cc3158532d19378292e2ebfdcee891a62101428e4c060c650f507443c2c3829c97294ec7892a9863f463d8
-
SSDEEP
3072:yFVdIIow+0ZdyyRraH2IbRBOmjHgwSvCHTMrVNxRgmlz1ofAx6:b4+h2IbemjAwzIrZRgmlzKZ
Malware Config
Extracted
redline
joker
83.97.73.130:19061
-
auth_value
a98d303cc28bb3b32a23c59214ae3bc0
Targets
-
-
Target
027dbbf2acf690443025d4c2f1f3efe43b30fc0b824cc5626ec9a78bc5f65528
-
Size
267KB
-
MD5
bd22154c5c33825bfcc25e82e04039d4
-
SHA1
927905bddb1f93de39325dbd66a4cfa057734b6d
-
SHA256
027dbbf2acf690443025d4c2f1f3efe43b30fc0b824cc5626ec9a78bc5f65528
-
SHA512
c6c3015698a72d48e427cba2ec08efd26b47ad0376cc3158532d19378292e2ebfdcee891a62101428e4c060c650f507443c2c3829c97294ec7892a9863f463d8
-
SSDEEP
3072:yFVdIIow+0ZdyyRraH2IbRBOmjHgwSvCHTMrVNxRgmlz1ofAx6:b4+h2IbemjAwzIrZRgmlzKZ
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-