Analysis
max time kernel: 151s
max time network: 152s
platform: windows7_x64
resource: win7v20201028
submitted: 19-03-2021 07:41
Static task: static1
Behavioral task: behavioral1
  Sample: 0adaabe4a156ee49011937d128b7bfec.exe
  Resource: win7v20201028 (windows7_x64)
  0 signatures, 0 seconds
Behavioral task: behavioral2
  Sample: 0adaabe4a156ee49011937d128b7bfec.exe
  Resource: win10v20201028 (windows10_x64)
  0 signatures, 0 seconds
General
Target: 0adaabe4a156ee49011937d128b7bfec.exe
Size: 286KB
MD5: 0adaabe4a156ee49011937d128b7bfec
SHA1: bb2bbf24fd2cdbe86f16c1bf08563886b73170bb
SHA256: 7eefafe85ed6277d9c6abd81fa1ef7969c2ce6767c609baafc79206f78d13685
SHA512: eb5d1a6f2cfbf4d3b6d1a2b3aaf80ecb020b8acd3175a9bdea61b23e9d11555466133e4bd685a8c566c3e3576e0b28536636c3f848cf1dd0987ccd700b3140d7
Score: 10/10
Malware Config
Signatures
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Suspicious use of AdjustPrivilegeToken (1 IoCs)
Processes: 0adaabe4a156ee49011937d128b7bfec.exe
  description              pid   process
  Token: SeDebugPrivilege  1872  0adaabe4a156ee49011937d128b7bfec.exe