General
Target: 5f367bf8b0c6b4b567f8766961a5921c.exe
Size: 1.3MB
Sample: 210505-d19f2dkvyn
MD5: 5f367bf8b0c6b4b567f8766961a5921c
SHA1: 360f131fcce1b7081ad4e99d7aea2facb558d296
SHA256: d6060fc07a8d995ef6139b2818bfc188a06c5d8a506a7450acd1c558ef92d404
SHA512: e3c82c41dafa97af43acb5068255f7c38bb2674749f676d33512003f13017b514535fb7ad48bffab757de9f07bfe7aaa51c1d899533f88d906d65d7b8c9859b9
Static task: static1
Behavioral task: behavioral1 (Sample: 5f367bf8b0c6b4b567f8766961a5921c.exe, Resource: win7v20210408)
Behavioral task: behavioral2 (Sample: 5f367bf8b0c6b4b567f8766961a5921c.exe, Resource: win10v20210410)
Malware Config
Targets
Target: 5f367bf8b0c6b4b567f8766961a5921c.exe (size and hashes as listed under General)
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext