General
Target: cbb62490f144ce119dcbe5d1ef7f4ff6
Size: 1.1MB
Sample: 210610-1cfcfaqnmn
MD5: cbb62490f144ce119dcbe5d1ef7f4ff6
SHA1: 4a153e0057673011a7fdc38eed71f11fc9708e90
SHA256: 9890b3cc84a7417c40435676f4e27e4a816143a4545a7c3cb75cc4b3819945e4
SHA512: 203111d011c842400f8cd5cdf8b9ee2ffabe7ef162535db1385f97843675b25400b52811d7d199cf2737148625b106f85b5ba6dc5244f394c55caf86bec77282
Static task: static1
Behavioral task: behavioral1
Sample: cbb62490f144ce119dcbe5d1ef7f4ff6.exe
Resource: win7v20210410
Behavioral task: behavioral2
Sample: cbb62490f144ce119dcbe5d1ef7f4ff6.exe
Resource: win10v20210408
Malware Config
Targets
Target: cbb62490f144ce119dcbe5d1ef7f4ff6
Score: 10/10

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Executes dropped EXE

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.

autoit_exe
AutoIT scripts compiled to PE executables.