General
-
Target
58ed282c74825b5b77132329d2a06868.bin
-
Size
144KB
-
Sample
241210-bpyf4atkel
-
MD5
decbd95681e50568cfe2f58719b1d20b
-
SHA1
e04cc4eee493d441b84ce796c7a8e3594d98a02c
-
SHA256
9ace91818c4848ce60d5abb45ffa4688f267df413f01cec8bf5a6ed726eb3a1b
-
SHA512
9af1a347f8673c7c56f8fe24861f9eed0be56e9045dbb4f8a9f984dedb2d655edc8e40ae553e3a2970b7875a4241854ce69cda11ff45b952607444030731da2a
-
SSDEEP
3072:3fNjyTjkPAYoRAEChD+3gTkhO/KaUsSc+8iM:3fl9PAphWrkhiKF0+8v
Malware Config
Targets
-
-
Target
e1cf672f6bb955a21b742da64c3978241d639e9c2add415b63df73c52b4c1c8f.exe
-
Size
726KB
-
MD5
58ed282c74825b5b77132329d2a06868
-
SHA1
44e040cc9b0760d929a14e34ff2153fb17a51aa8
-
SHA256
e1cf672f6bb955a21b742da64c3978241d639e9c2add415b63df73c52b4c1c8f
-
SHA512
837aa4d7c25f904272372b1585c5934afc99aa1f1a208b288d4b85efce0e079b61dac96449c6dc2032cc9a76975b59a424dbd135e9474ee6930871e3566e058e
-
SSDEEP
12288:xDKYDzqxpXBNt1BrivR0V4TBjgYxs1wl206gBawFV2ceSb0BQ/GfM/4QiAzojgJ0:xDKY3qxp1NDXw
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-