General

Target: SecuriteInfo.com.Trojan.Inject4.8495.10748.7579
Size: 817KB
Sample: 210310-yncx6d7zb6
MD5: b4374d21ebb16da6b2900a4959e46910
SHA1: 13c11a3abc2c5c930a46449637c79067c07501ea
SHA256: 3f93946193930f305bd0c2f82ce462a6de400072ef0bc2b059ae1aeebb435b13
SHA512: e95d1d691398778ba431bd3487e0146bcd51a7d48babc2c62f8f6d3a374bc0089792c40d03b40073004d267a8642d151cfa2ee9863b5f5e6395f6007325f6e39
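To check a suspect file against the hashes above without retyping them, the following script computes all four digests in one streaming pass and reports which of them match. It is an added example, not part of the sandbox report or the vendor's tooling; the hash values are copied from the report, and the directory-scan helper and the throwaway file it writes for a self-check are constructed for illustration.

```python
"""Match files against the report's published hashes (added example)."""
import hashlib
import tempfile
from pathlib import Path

# IOC hashes copied from the report above, lower-case hex.
SAMPLE_HASHES = {
    "md5": "b4374d21ebb16da6b2900a4959e46910",
    "sha1": "13c11a3abc2c5c930a46449637c79067c07501ea",
    "sha256": "3f93946193930f305bd0c2f82ce462a6de400072ef0bc2b059ae1aeebb435b13",
    "sha512": "e95d1d691398778ba431bd3487e0146bcd51a7d48babc2c62f8f6d3a374bc0089792c40d03b40073004d267a8642d151cfa2ee9863b5f5e6395f6007325f6e39",
}


def _new_hashers():
    return {name: hashlib.new(name) for name in SAMPLE_HASHES}


def digests_of_bytes(data):
    """Compute md5/sha1/sha256/sha512 of an in-memory buffer."""
    hashers = _new_hashers()
    for h in hashers.values():
        h.update(data)
    return {name: h.hexdigest() for name, h in hashers.items()}


def file_digests(path, chunk_size=1 << 20):
    """Compute all four digests of a file in a single read, chunked so large
    droppers do not have to fit in memory."""
    hashers = _new_hashers()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def match_iocs(digests, iocs=SAMPLE_HASHES):
    """Return the set of algorithm names whose digest equals the IOC value.

    An empty set means no match. A partial match (say md5 only) is either a
    transcription error in the IOC list or something worth a second look,
    since a genuine copy of the sample matches on every algorithm.
    """
    return {
        name for name, value in digests.items()
        if iocs.get(name, "").lower() == value
    }


def scan_directory(root, iocs=SAMPLE_HASHES):
    """Walk root and report every file matching at least one IOC hash."""
    hits = {}
    for path in Path(root).rglob("*"):
        if path.is_file():
            matched = match_iocs(file_digests(path), iocs)
            if matched:
                hits[path.name] = matched
    return hits


def demo_scan():
    """Self-check on a constructed file: write b'abc' to a temp dir and scan
    it against an IOC set holding only the well-known SHA-256 of 'abc'."""
    iocs = {"sha256": "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"}
    with tempfile.TemporaryDirectory() as tmp:
        (Path(tmp) / "dropper.bin").write_bytes(b"abc")
        return scan_directory(tmp, iocs)


if __name__ == "__main__":
    print(demo_scan())
```

Run it as `python3 iocmatch.py` for the self-check, or call `scan_directory("/path/to/quarantine")` with the default IOC set to look for this sample; only a file that matches on all four algorithms should be treated as a confirmed copy.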
Static task: static1
Behavioral task: behavioral1
  Sample: SecuriteInfo.com.Trojan.Inject4.8495.10748.7579.exe
  Resource: win7v20201028
Behavioral task: behavioral2
  Sample: SecuriteInfo.com.Trojan.Inject4.8495.10748.7579.exe
  Resource: win10v20201028
Malware Config
Targets

Target: SecuriteInfo.com.Trojan.Inject4.8495.10748.7579
Size: 817KB
MD5: b4374d21ebb16da6b2900a4959e46910
SHA1: 13c11a3abc2c5c930a46449637c79067c07501ea
SHA256: 3f93946193930f305bd0c2f82ce462a6de400072ef0bc2b059ae1aeebb435b13
SHA512: e95d1d691398778ba431bd3487e0146bcd51a7d48babc2c62f8f6d3a374bc0089792c40d03b40073004d267a8642d151cfa2ee9863b5f5e6395f6007325f6e39
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

- RedLine Payload
- Executes dropped EXE
- Loads dropped DLL
- Modifies file permissions
- Reads user/profile data of web browsers
  Infostealers go after the browser profile because it holds saved logins, cookies, autofill entries and session data; a process other than the browser reading those files is what this signature keys on.
- Checks installed software on the system
  Enumerates the Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall, its WOW6432Node counterpart and the per-user HKCU copy) to list the software present on the host.
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of SetThreadContext
  SetThreadContext is a legitimate API (debuggers rely on it), so the signature fires on its use against a thread in another process, which is the step that redirects execution in the classic process-hollowing sequence: create a process suspended, write the payload into it, set the main thread's context to the new entry point, resume the thread. On its own it is an indicator rather than proof of injection and should be read together with the other hits above.
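The sequence behind the SetThreadContext signature can be recognised mechanically in an API trace. The detector below is an added example written for this page, not sandbox code; the trace record layout (caller pid, API name, target pid, creation flags) and the sample calls are constructed, and the API names are the documented Win32/Nt names for each step. It separates a bare cross-process SetThreadContext, which is only suspicious, from the full create-suspended, write, set-context, resume chain, which is hollowing.

```python
"""Spot process hollowing in an API trace (added example, constructed data)."""
from dataclasses import dataclass

CREATE_SUSPENDED = 0x00000004  # CreateProcess* dwCreationFlags bit


@dataclass
class ApiCall:
    pid: int          # calling process
    api: str          # API name as the sandbox logged it
    target_pid: int   # process the call acted on (== pid for self-calls)
    flags: int = 0    # creation flags for CreateProcess*, else 0


# Constructed trace: pid 1000 hollows pid 2000; 3000 debugs itself;
# 4000 touches 4001's thread context without the rest of the chain.
SAMPLE_TRACE = [
    ApiCall(1000, "CreateProcessW", 2000, CREATE_SUSPENDED),
    ApiCall(1000, "NtUnmapViewOfSection", 2000),
    ApiCall(1000, "VirtualAllocEx", 2000),
    ApiCall(1000, "WriteProcessMemory", 2000),
    ApiCall(1000, "SetThreadContext", 2000),
    ApiCall(1000, "ResumeThread", 2000),
    ApiCall(3000, "SetThreadContext", 3000),
    ApiCall(4000, "SetThreadContext", 4001),
]

WRITE_APIS = {"WriteProcessMemory", "NtWriteVirtualMemory"}
CONTEXT_APIS = {"SetThreadContext", "NtSetContextThread", "Wow64SetThreadContext"}
RESUME_APIS = {"ResumeThread", "NtResumeThread"}


def find_hollowing(trace):
    """Walk the trace once and return:
    - 'hollowing': (injector, victim) pairs that completed the full chain
    - 'cross_process_setthreadcontext': every (caller, target) pair that set
      another process's thread context, chain or not
    Stages advance only in order; unrelated calls in between are ignored."""
    stages = {}          # (injector, victim) -> 1 created, 2 written, 3 context set
    hollowing = []
    ctx_calls = []
    for call in trace:
        if call.pid == call.target_pid:
            continue     # self-calls (debuggers, exception handling) are not injection
        key = (call.pid, call.target_pid)
        stage = stages.get(key, 0)
        if call.api.startswith("CreateProcess") and call.flags & CREATE_SUSPENDED:
            stages[key] = 1
        elif call.api in WRITE_APIS and stage == 1:
            stages[key] = 2
        elif call.api in CONTEXT_APIS:
            if key not in ctx_calls:
                ctx_calls.append(key)
            if stage == 2:
                stages[key] = 3
        elif call.api in RESUME_APIS and stage == 3:
            hollowing.append(key)
            stages.pop(key)
    return {"hollowing": hollowing, "cross_process_setthreadcontext": ctx_calls}


if __name__ == "__main__":
    print(find_hollowing(SAMPLE_TRACE))
```

Against the constructed trace the full chain is reported once, for 1000 to 2000, while the cross-process list also carries 4000 to 4001; that gap is why a report shows "suspicious use" of the API rather than a flat injection verdict.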