General
-
Target
5031d3eb04cdf0e167750b072395cb33.exe
-
Size
262KB
-
Sample
230702-x1jmzaed4s
-
MD5
5031d3eb04cdf0e167750b072395cb33
-
SHA1
7c3a49866964b593f37d6424b0886f1dbf2c6b09
-
SHA256
eb4ef81c6cbaff6da2c9a14dbe37b034602ac7ce2f17949f0d4413cf2259246d
-
SHA512
224df72f6cdef39a49c9906113a1d4387a047fe5233876320c734c3c1c151dbc4bf5fa2706f1d72249659269cab1811cd98e47d6e3740f44cef97a8dcd05bbda
-
SSDEEP
3072:k2J2Z7Blh9ZxcW24KZDB/yJhVbyLNLd7m4tJOyXSwl2vTyf2uV+r5y7ZwYWWfZzz:onc2KZkIpLdC4t8yXzU7mQ0l5x
Static task
static1
Behavioral task
behavioral1
Sample
5031d3eb04cdf0e167750b072395cb33.exe
Resource
win7-20230621-en
Malware Config
Extracted
redline
andre
77.91.124.49:19073
-
auth_value
8e5522dc6bdb7e288797bc46c2687b12
Targets
-
-
Target
5031d3eb04cdf0e167750b072395cb33.exe
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.