General
Target: 65585198ebd4fdfb7bcfab5ec48aaedb.exe
Size: 774KB
Sample: 210217-ndghjqkhea
MD5: 65585198ebd4fdfb7bcfab5ec48aaedb
SHA1: 34c18f8e18fdd6b30f80220fa02049011922f4df
SHA256: 289672c4240951a1feebd7b328f05ded88e3d27b8da51d717813eb1193a6963a
SHA512: faad245651dfe7c1b384cb70f4cc83f9c50802e23718a821c9a1741a0172bab818273ec00b63485bba1aa2722402f9aeac986b897bc36eaced400b8e99e41329
Static task: static1
Behavioral task: behavioral1 (Sample: 65585198ebd4fdfb7bcfab5ec48aaedb.exe; Resource: win7v20201028)
Behavioral task: behavioral2 (Sample: 65585198ebd4fdfb7bcfab5ec48aaedb.exe; Resource: win10v20201028)
Malware Config
Targets
Target: 65585198ebd4fdfb7bcfab5ec48aaedb.exe
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Reads user/profile data of web browsers: infostealers often target stored browser data, which can include saved credentials among other data.
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext