General
-
Target
55c0166f790956e3be24cd3ee78c69ebab031ed62bfbda058b3a653c1a75b518.exe
-
Size
726KB
-
Sample
241209-csentsxrcz
-
MD5
cad51c2ccdea145e70b041891e511917
-
SHA1
5e6b288348a790a91a27c434ee1eaebadacbe12c
-
SHA256
55c0166f790956e3be24cd3ee78c69ebab031ed62bfbda058b3a653c1a75b518
-
SHA512
cb498dcf9b526c91547f4e1baa5a3c9bd1655a1c30661058e40aaa8e28b91aa0a335fc08cfd30617bd4c64a922cf7adf917cea3a5da6cedf82291bee1e7dc25d
-
SSDEEP
12288:6D6YDzqx5XBNt1BrivR0V4TBjgYxs1wl206gBawFV2ceSb0BQ/GfM/4QiAzojgJI:6D6Y3qx51NbXA
Malware Config
Targets
-
-
Target
55c0166f790956e3be24cd3ee78c69ebab031ed62bfbda058b3a653c1a75b518.exe
-
Size
726KB
-
MD5
cad51c2ccdea145e70b041891e511917
-
SHA1
5e6b288348a790a91a27c434ee1eaebadacbe12c
-
SHA256
55c0166f790956e3be24cd3ee78c69ebab031ed62bfbda058b3a653c1a75b518
-
SHA512
cb498dcf9b526c91547f4e1baa5a3c9bd1655a1c30661058e40aaa8e28b91aa0a335fc08cfd30617bd4c64a922cf7adf917cea3a5da6cedf82291bee1e7dc25d
-
SSDEEP
12288:6D6YDzqx5XBNt1BrivR0V4TBjgYxs1wl206gBawFV2ceSb0BQ/GfM/4QiAzojgJI:6D6Y3qx51NbXA
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-