General
-
Target
4bc5cc31f213eaed731ae051e5f657cb5c43c6a8e9f68081148b081e41b88c06
-
Size
304KB
-
Sample
240405-sfsypafb7x
-
MD5
4b4e6b5cb3df4316921e5ebe8e5535f3
-
SHA1
52972472874c2a2a77f6202495a2f2c88e61218b
-
SHA256
4bc5cc31f213eaed731ae051e5f657cb5c43c6a8e9f68081148b081e41b88c06
-
SHA512
f348f2cb4c6030f6abfa7a93416809ed1741f9cf37c5e87cbe2baf42a66a91e3427add4abe9fddd4d43a37acd6653f037823b00e72fe588ebb19a87c221c3053
-
SSDEEP
3072:Nq6EgY6iBrUjNoM3wPhdk1VPLTAWtARiVVcZqf7D34deqiOLibBOp:kqY6i4wPEjPLTAyA0VcZqf7DInL
Malware Config
Extracted
redline
test
185.215.113.67:26260
Targets
-
-
Target
4bc5cc31f213eaed731ae051e5f657cb5c43c6a8e9f68081148b081e41b88c06
-
Size
304KB
-
MD5
4b4e6b5cb3df4316921e5ebe8e5535f3
-
SHA1
52972472874c2a2a77f6202495a2f2c88e61218b
-
SHA256
4bc5cc31f213eaed731ae051e5f657cb5c43c6a8e9f68081148b081e41b88c06
-
SHA512
f348f2cb4c6030f6abfa7a93416809ed1741f9cf37c5e87cbe2baf42a66a91e3427add4abe9fddd4d43a37acd6653f037823b00e72fe588ebb19a87c221c3053
-
SSDEEP
3072:Nq6EgY6iBrUjNoM3wPhdk1VPLTAWtARiVVcZqf7D34deqiOLibBOp:kqY6i4wPEjPLTAyA0VcZqf7DInL
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-