General
-
Target
SecuriteInfo.com.Trojan.PWS.Stealer.30553.25052.24916
-
Size
92KB
-
Sample
210604-x6jdq3fs4a
-
MD5
b51dff037d329ad3eda0092344075957
-
SHA1
eb488926c64482727e331371dff2aab91527f6e2
-
SHA256
b4068adb43934070338e61f725163bef08368f820485fc3b2ed288608f8c9e8d
-
SHA512
026ac3a8f468d2ca5d458ec78924dd43e90e7cc9b69330994715158814e3798ad751f31b7e698303ace0f00f9bbad208d5969f6441bbb83be5f3745edb972b5f
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Trojan.PWS.Stealer.30553.25052.24916.exe
Resource
win7v20210408
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Trojan.PWS.Stealer.30553.25052.24916.exe
Resource
win10v20210410
Malware Config
Extracted
redline
Alvarezbuild
91.194.11.86:14271
Targets
-
-
Target
SecuriteInfo.com.Trojan.PWS.Stealer.30553.25052.24916
-
Size
92KB
-
MD5
b51dff037d329ad3eda0092344075957
-
SHA1
eb488926c64482727e331371dff2aab91527f6e2
-
SHA256
b4068adb43934070338e61f725163bef08368f820485fc3b2ed288608f8c9e8d
-
SHA512
026ac3a8f468d2ca5d458ec78924dd43e90e7cc9b69330994715158814e3798ad751f31b7e698303ace0f00f9bbad208d5969f6441bbb83be5f3745edb972b5f
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-