General
-
Target
b2c00c914ff4416907380cb938fef25b62837723a87726c3551be35860ee9393
-
Size
267KB
-
Sample
230616-nhzrsseg39
-
MD5
e3cb4fe969159a9a5e9a1e5782179417
-
SHA1
0735942245a4cdcef16788469f7bb47590cb84ed
-
SHA256
b2c00c914ff4416907380cb938fef25b62837723a87726c3551be35860ee9393
-
SHA512
c6a5cb381002003d58a754f423b2a7386db3eb8e93ebbfc8fc7c57e5d352e05d3d17531e7f34b31a9d7962a56dd518b10590268e9498c4bae23703b113a86818
-
SSDEEP
3072:yFVdIIow+0ZdyyRraH2IbRBOmjHgwSvCHTMrVNxRgmlz1ofAx:b4+h2IbemjAwzIrZRgmlzK
Malware Config
Extracted
redline
joker
83.97.73.130:19061
-
auth_value
a98d303cc28bb3b32a23c59214ae3bc0
Targets
-
-
Target
b2c00c914ff4416907380cb938fef25b62837723a87726c3551be35860ee9393
-
Size
267KB
-
MD5
e3cb4fe969159a9a5e9a1e5782179417
-
SHA1
0735942245a4cdcef16788469f7bb47590cb84ed
-
SHA256
b2c00c914ff4416907380cb938fef25b62837723a87726c3551be35860ee9393
-
SHA512
c6a5cb381002003d58a754f423b2a7386db3eb8e93ebbfc8fc7c57e5d352e05d3d17531e7f34b31a9d7962a56dd518b10590268e9498c4bae23703b113a86818
-
SSDEEP
3072:yFVdIIow+0ZdyyRraH2IbRBOmjHgwSvCHTMrVNxRgmlz1ofAx:b4+h2IbemjAwzIrZRgmlzK
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-