General
-
Target
206a2568e014f2f52c5f6aa16bb47f81.exe
-
Size
1.5MB
-
Sample
210117-ww4ms9kaxs
-
MD5
206a2568e014f2f52c5f6aa16bb47f81
-
SHA1
500a475682cf18481138fe7696447a116001eabc
-
SHA256
e846c73b8c02eb9abc0e42d17bb3f3b501e6c4a327d3308b2d16cffa7a813638
-
SHA512
73de7348574b4c2ae313729cd37d7e215a74112d810800ad3141de3fa43ffc985f7fd92b50fb57984731130e4a45405ce726c86913008857398377266c886244
Static task
static1
Behavioral task
behavioral1
Sample
206a2568e014f2f52c5f6aa16bb47f81.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
206a2568e014f2f52c5f6aa16bb47f81.exe
Resource
win10v20201028
Malware Config
Targets
-
-
Target
206a2568e014f2f52c5f6aa16bb47f81.exe
-
Size
1.5MB
-
MD5
206a2568e014f2f52c5f6aa16bb47f81
-
SHA1
500a475682cf18481138fe7696447a116001eabc
-
SHA256
e846c73b8c02eb9abc0e42d17bb3f3b501e6c4a327d3308b2d16cffa7a813638
-
SHA512
73de7348574b4c2ae313729cd37d7e215a74112d810800ad3141de3fa43ffc985f7fd92b50fb57984731130e4a45405ce726c86913008857398377266c886244
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-