General
-
Target
4ff47926085be740ea0454e4da552941.exe
-
Size
119KB
-
Sample
210726-fhggeazanj
-
MD5
4ff47926085be740ea0454e4da552941
-
SHA1
3cb55af55f5f9d748cb98b2ed137e73f31205ddf
-
SHA256
6269bfa8a782e26616df7fb8fc227870584c962038f74c92f203187ac17c4ee4
-
SHA512
edfaeebb9347807b7c73b38022ccaa2c314ba4288dc0a227d47c8a11c93eeffda2c2145c42dade227ddb5e44e9b4f7f2651a389c8f588d1060e10622b48f3153
Static task
static1
Behavioral task
behavioral1
Sample
4ff47926085be740ea0454e4da552941.exe
Resource
win7v20210410
Behavioral task
behavioral2
Sample
4ff47926085be740ea0454e4da552941.exe
Resource
win10v20210410
Malware Config
Targets
-
-
Target
4ff47926085be740ea0454e4da552941.exe
-
Size
119KB
-
MD5
4ff47926085be740ea0454e4da552941
-
SHA1
3cb55af55f5f9d748cb98b2ed137e73f31205ddf
-
SHA256
6269bfa8a782e26616df7fb8fc227870584c962038f74c92f203187ac17c4ee4
-
SHA512
edfaeebb9347807b7c73b38022ccaa2c314ba4288dc0a227d47c8a11c93eeffda2c2145c42dade227ddb5e44e9b4f7f2651a389c8f588d1060e10622b48f3153
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Executes dropped EXE
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Legitimate hosting services abused for malware hosting/C2
-