General
-
Target
2ff2f5480438c7d7648625cc56c8982880d678f565267d83d48dde4043c059d7.exe
-
Size
297KB
-
Sample
240709-bjt7gs1brh
-
MD5
9adc621f718c8e283e2b946acf914322
-
SHA1
13f01086a0878cd540112ddcef23133a117dc4c0
-
SHA256
2ff2f5480438c7d7648625cc56c8982880d678f565267d83d48dde4043c059d7
-
SHA512
bc14841ff0a207205449ac8d98c48425b11c7de9099167b5fc7ddb4cd5c0ff9dac5b146b042c9a29d34116f4747f37e98c8c91d9f25923f1a75ebf1499825cf0
-
SSDEEP
3072:6qFFrqwIOG9jyZEGRL78+XwR3zdpk4sNMhdVSTZ/fHZ3cZqf7D34deqiOLCbBOT:5BIOGsjwiNqdETZ3VcZqf7DInL
Malware Config
Extracted
redline
newbuild
185.215.113.67:40960
Targets
-
-
Target
2ff2f5480438c7d7648625cc56c8982880d678f565267d83d48dde4043c059d7.exe
-
Size
297KB
-
MD5
9adc621f718c8e283e2b946acf914322
-
SHA1
13f01086a0878cd540112ddcef23133a117dc4c0
-
SHA256
2ff2f5480438c7d7648625cc56c8982880d678f565267d83d48dde4043c059d7
-
SHA512
bc14841ff0a207205449ac8d98c48425b11c7de9099167b5fc7ddb4cd5c0ff9dac5b146b042c9a29d34116f4747f37e98c8c91d9f25923f1a75ebf1499825cf0
-
SSDEEP
3072:6qFFrqwIOG9jyZEGRL78+XwR3zdpk4sNMhdVSTZ/fHZ3cZqf7D34deqiOLCbBOT:5BIOGsjwiNqdETZ3VcZqf7DInL
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-