General
- Target: a640bac6abe6ce8483abdd43ec8a0230d00c6e106318cfef42f89c8793176876
- Size: 406KB
- Sample: 211023-n55lkadcck
- MD5: 111daf74babf12f2f2be67bfb12776d2
- SHA1: ef55ef2a74c9a262f34b7eb23acf079429a0a239
- SHA256: a640bac6abe6ce8483abdd43ec8a0230d00c6e106318cfef42f89c8793176876
- SHA512: cf93fd55246565c78d373ff2dcefe2557ce1ff7df3472e24f039855a03de3225336b79b1b8448a7ca9f04b3b4064f175efd7e2a104850566b67737447d2d1184
Static task: static1
Behavioral task: behavioral1
- Sample: a640bac6abe6ce8483abdd43ec8a0230d00c6e106318cfef42f89c8793176876.exe
- Resource: win10-en-20210920
Malware Config
Targets
- Target: a640bac6abe6ce8483abdd43ec8a0230d00c6e106318cfef42f89c8793176876
- Score: 10/10
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.