General
-
Target
fb09492852d2b0f8746e0bbc14eeb697adc24e350454171e304347a4aadc9a40
-
Size
305KB
-
Sample
240424-nsj44ahd2v
-
MD5
1b55c4e189490d85290e228416376668
-
SHA1
9b72a5553d18962fb64fd96a969904c9091c1d39
-
SHA256
fb09492852d2b0f8746e0bbc14eeb697adc24e350454171e304347a4aadc9a40
-
SHA512
442aaa777708eae28d1827db6ece3988837e5c1b31e81335df4799076f85a2c80fc4fb5be1b3e723e383bcee202b201d42c8bb647cae5400665ea4d4c0d2ed22
-
SSDEEP
6144:/qY6irwP7YfmrYiJv7TAPAzdcZqf7DI/L:/nwPkiJvGAzdcUzs/
Malware Config
Extracted
redline
spoo
103.113.70.99:2630
Targets
-
-
Target
fb09492852d2b0f8746e0bbc14eeb697adc24e350454171e304347a4aadc9a40
-
Size
305KB
-
MD5
1b55c4e189490d85290e228416376668
-
SHA1
9b72a5553d18962fb64fd96a969904c9091c1d39
-
SHA256
fb09492852d2b0f8746e0bbc14eeb697adc24e350454171e304347a4aadc9a40
-
SHA512
442aaa777708eae28d1827db6ece3988837e5c1b31e81335df4799076f85a2c80fc4fb5be1b3e723e383bcee202b201d42c8bb647cae5400665ea4d4c0d2ed22
-
SSDEEP
6144:/qY6irwP7YfmrYiJv7TAPAzdcZqf7DI/L:/nwPkiJvGAzdcUzs/
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-