General
Target: 8684d32ce7d422c21d16332402ab0ea5.exe
Size: 325KB
Sample: 201103-bjd4f6nzsn
MD5: 8684d32ce7d422c21d16332402ab0ea5
SHA1: 4515d7b81b406bcd90f8cc45cd445f5e241048f2
SHA256: 31239f4455170cbb223b36936011b6573c3a5a86ee32b55f0bba48d95f3c7f6d
SHA512: af6d32a5bf30f912baed7beb834b5e7c36b40358032c9701af2bd58214caad0dc953d45cad2f8b6ee3e9b88f5037ac88ed6daffc14b8e221100815d811281b37
Static task: static1
Behavioral task: behavioral1
Sample: 8684d32ce7d422c21d16332402ab0ea5.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: 8684d32ce7d422c21d16332402ab0ea5.exe
Resource: win10v20201028
Malware Config
Targets
Target: 8684d32ce7d422c21d16332402ab0ea5.exe
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.

Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.