General
- Target: b134f49f0fa367b536ce1d05ec03fbd0.exe
- Size: 666KB
- Sample: 210217-3sfk6ryds2
- MD5: b134f49f0fa367b536ce1d05ec03fbd0
- SHA1: dfd1cf8d18c7dfbfb42db3c60afc2d35b0597f64
- SHA256: 2937afa694e2560413f2860dd1b71019b1b89839b08317a9d79a651a80486645
- SHA512: bf8cf4409014f1ee5c5766aa5866066499ac11e6f1e24d0d30a79bfd6b9d6b315670af31951764dd8349e2ea818b97bb05a3cc1d8888d3aa35f2f5fed1e07e8b
Static task: static1
Behavioral task: behavioral1
- Sample: b134f49f0fa367b536ce1d05ec03fbd0.exe
- Resource: win7v20201028
Behavioral task: behavioral2
- Sample: b134f49f0fa367b536ce1d05ec03fbd0.exe
- Resource: win10v20201028
Malware Config
Targets
- Target: b134f49f0fa367b536ce1d05ec03fbd0.exe
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials and other sensitive account information.
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software installed on the system.
- Suspicious use of SetThreadContext