General
Target: trainer v5.1.3.rar
Size: 1.4MB
Sample: 210421-v3kae23t9j
MD5: 0374f350b55bdac8c8296b0cae27291c
SHA1: 087f0184a9fd68221d26b7a760094a21e8815cc2
SHA256: a813615a6f9835ffdba1d69576deef2dc1fe62a45055901f900c5fc4dd49e61d
SHA512: 88143a1b67b1c9f1bb13265793c8a5536c0c7f2ccb67648ca1848c2a69bab2eeef4406fa0706fa58836dea0e968b77989af49d7b025564c9251e2194d5b9d875
Static task: static1
Behavioral task: behavioral1
  Sample: trainer v5.1.3.exe
  Resource: win10v20210408
Behavioral task: behavioral2
  Sample: trainer v5.1.3.exe
  Resource: win10v20210410
Malware Config
Extracted: redline
Studio Product
93.114.128.190:49966
Targets
Target: trainer v5.1.3.exe
Size: 1.5MB
MD5: d411460e9cf04cd64bdc25345bc9783b
SHA1: 3374f053e1b9d40558c65bd363a3bae336a76cc8
SHA256: d47a34d18de0c08fa32f88fabb0123de6521b20f21a955f050c019a89360acb8
SHA512: 8b8b8b9054daedd9f39682ab3d44f757f28085e028e4b666bca17a997e61c48b52cadbfefb851da0b4b4d2979ecd399f55e74bc0c9dd29b44cc26022fb26bd07

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

- RedLine Payload
- Executes dropped EXE
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext