General
- Target: dd901acce71d57eb1a1c02f2233e8a6c.exe
- Size: 559KB
- Sample: 201104-5dek4jdh7n
- MD5: dd901acce71d57eb1a1c02f2233e8a6c
- SHA1: 4b8d6daa408ba68fd0ed674b77e42e8a219dbbd6
- SHA256: 9141d2b51d3f037b46ecee043c700b62a8afa20b80b195b3aa5db28bd82bdcf7
- SHA512: c827e92fbb388c7c875328d528014562d18b4e6c6a2f45f2efc27d2812f0d9c8d7ffed99e359728058649222abc6908b963fe2929a6b9a5c98708f2731affaec
Static task: static1
Behavioral task: behavioral1
- Sample: dd901acce71d57eb1a1c02f2233e8a6c.exe
- Resource: win7v20201028
Behavioral task: behavioral2
- Sample: dd901acce71d57eb1a1c02f2233e8a6c.exe
- Resource: win10v20201028
Malware Config
Targets
- Target: dd901acce71d57eb1a1c02f2233e8a6c.exe
- Size: 559KB
- MD5: dd901acce71d57eb1a1c02f2233e8a6c
- SHA1: 4b8d6daa408ba68fd0ed674b77e42e8a219dbbd6
- SHA256: 9141d2b51d3f037b46ecee043c700b62a8afa20b80b195b3aa5db28bd82bdcf7
- SHA512: c827e92fbb388c7c875328d528014562d18b4e6c6a2f45f2efc27d2812f0d9c8d7ffed99e359728058649222abc6908b963fe2929a6b9a5c98708f2731affaec
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials, etc.
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.