General
Target: 8c24f4757a7100d4320e848023ca9f4c.exe
Size: 640KB
Sample: 210222-y6w4xl3fe2
MD5: 8c24f4757a7100d4320e848023ca9f4c
SHA1: 26c1c6d789037cfb335dd5635617ef013fa4c4cd
SHA256: 94651db17b9e3921ba9e4484b848bfc920f6a1d451d6a2a5fe3ca9bc386d7c29
SHA512: 6ea825bda92097c2d8834442566886e560dbbeaa7c5f83ce630cc19415f12c3c751f3c947acebcbc41c5da78c6bfc5a5c4113bda8488d9c176d24b25ed644db7
Static task: static1
Behavioral task: behavioral1
Sample: 8c24f4757a7100d4320e848023ca9f4c.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: 8c24f4757a7100d4320e848023ca9f4c.exe
Resource: win10v20201028
Malware Config
Targets
Target: 8c24f4757a7100d4320e848023ca9f4c.exe
Size: 640KB
MD5: 8c24f4757a7100d4320e848023ca9f4c
SHA1: 26c1c6d789037cfb335dd5635617ef013fa4c4cd
SHA256: 94651db17b9e3921ba9e4484b848bfc920f6a1d451d6a2a5fe3ca9bc386d7c29
SHA512: 6ea825bda92097c2d8834442566886e560dbbeaa7c5f83ce630cc19415f12c3c751f3c947acebcbc41c5da78c6bfc5a5c4113bda8488d9c176d24b25ed644db7
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Executes dropped EXE
Loads dropped DLL
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials and other sensitive information.
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software installed on the system.
Legitimate hosting services abused for malware hosting/C2
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP address.