General
Target: DD18.tmp.exe
Size: 710KB
Sample: 210224-ggxr76nmds
MD5: 337137dcfe450ef92e78acc018cbec12
SHA1: 19c7da5f34278b6d738db17ef56f590bf6579ee9
SHA256: ffd931be9785689374e83fc51cb1712fa36a31a9d06228100c2ae729226c7e06
SHA512: 6d6172a61e170dbfd41438d3756b1991e03632730c3552755d0ad31458f33d0c2e8f46b9b45638aabba4d5205a73d098cd46b8a50cc31228ad8e588bd8118bdf
Static task: static1
Behavioral task: behavioral1
Sample: DD18.tmp.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: DD18.tmp.exe
Resource: win10v20201028
Malware Config
Targets
Target: DD18.tmp.exe
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-