General
Target: af85acc72d040db0b5edf6aabd8dd01a3b3a38c39a7395f97820a32be6dbb45c
Size: 705KB
Sample: 211024-1wttxsfcf8
MD5: 19833b1cf7df1928103ddaa5bf7a3250
SHA1: 4ac09e5b0559fed4d7d20173c0e12f10de1f7392
SHA256: af85acc72d040db0b5edf6aabd8dd01a3b3a38c39a7395f97820a32be6dbb45c
SHA512: e86222def79d14aa1ab37e4e4151b659574f016480d0ec0b4da560840c32a7a9d166715d35bd49c330214479aedf41625225ef9650a8d253196e740536d7c4fd
Static task: static1
Behavioral task: behavioral1
Sample: af85acc72d040db0b5edf6aabd8dd01a3b3a38c39a7395f97820a32be6dbb45c.exe
Resource: win10-en-20211014
Malware Config
Targets
Target: af85acc72d040db0b5edf6aabd8dd01a3b3a38c39a7395f97820a32be6dbb45c
Size: 705KB
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Downloads MZ/PE file
- Executes dropped EXE
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up entries under the registry Uninstall key (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall, its WOW6432Node branch and the HKCU counterpart) to enumerate the software installed on the system.
- Legitimate hosting services abused for malware hosting/C2
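The signatures above are the sandbox's verdicts on this sample. As an added example, not part of the report and not the sandbox's own signature code, the Python below replays those signature names over a constructed stream of sandbox-style events (registry opens, file reads and writes, process creations). The event schema, the file paths, the wallet-directory markers and the list of abused hosting domains are all assumptions made for illustration; only the signature names and the Uninstall-key logic come from the report.

```python
"""Added example (not from the sandbox report): replays the signatures listed
above against constructed sandbox-style event records.

Every event below is constructed to resemble Windows sandbox telemetry; the
wallet-path and hosting-service lists are assumptions for illustration, not
the sandbox's own signature definitions.
"""
import re
import struct
from urllib.parse import urlparse

# Registry branch the "Checks installed software" signature keys on.
UNINSTALL_KEY_RE = re.compile(
    r"^(?:HKLM|HKCU|HKEY_LOCAL_MACHINE|HKEY_CURRENT_USER)\\SOFTWARE\\"
    r"(?:WOW6432Node\\)?Microsoft\\Windows\\CurrentVersion\\Uninstall(?:\\|$)",
    re.IGNORECASE,
)

# Assumed wallet/keystore locations (illustrative, not the report's list).
WALLET_PATH_MARKERS = (
    r"\Electrum\wallets",
    r"\Exodus\exodus.wallet",
    r"\Ethereum\keystore",
    r"\Armory",
    r"\Coinomi\Coinomi\wallets",
)

# Assumed set of legitimate services commonly used to host payloads.
ABUSED_HOSTING_HOSTS = frozenset({
    "cdn.discordapp.com",
    "raw.githubusercontent.com",
    "transfer.sh",
})


def is_pe_image(data: bytes) -> bool:
    """True when data carries an MZ stub whose e_lfanew points at a PE signature."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    return data[e_lfanew:e_lfanew + 4] == b"PE\0\0"


def triage_events(events):
    """Map sandbox events to the report's signature names.

    Correlates file writes with later process creations so that 'Executes
    dropped EXE' only fires for an image the sample itself wrote.
    """
    dropped = set()
    findings = set()
    for ev in events:
        kind = ev["type"]
        if kind == "file_write":
            dropped.add(ev["path"].lower())
            if ev.get("source") == "network":
                if is_pe_image(ev.get("data", b"")):
                    findings.add("Downloads MZ/PE file")
                host = urlparse(ev.get("url", "")).hostname or ""
                if host.lower() in ABUSED_HOSTING_HOSTS:
                    findings.add("Legitimate hosting services abused for malware hosting/C2")
        elif kind == "proc_create":
            if ev["image"].lower() in dropped:
                findings.add("Executes dropped EXE")
        elif kind == "reg_open":
            if UNINSTALL_KEY_RE.match(ev["key"]):
                findings.add("Checks installed software on the system")
        elif kind == "file_read":
            path = ev["path"].lower()
            if any(marker.lower() in path for marker in WALLET_PATH_MARKERS):
                findings.add("Accesses cryptocurrency files/wallets")
    return findings


def minimal_pe_header() -> bytes:
    """Constructed 0x44-byte buffer: MZ stub, e_lfanew = 0x40, then the PE signature."""
    buf = bytearray(0x44)
    buf[:2] = b"MZ"
    struct.pack_into("<I", buf, 0x3C, 0x40)
    buf[0x40:0x44] = b"PE\0\0"
    return bytes(buf)


# Constructed event stream (not real telemetry from this sample).
SAMPLE_EVENTS = [
    {"type": "reg_open",
     "key": r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Git_is1"},
    {"type": "file_read",
     "path": r"C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\seed.seco"},
    {"type": "file_write", "source": "network",
     "url": "https://cdn.discordapp.com/attachments/1/2/update.exe",
     "path": r"C:\Users\user\AppData\Local\Temp\update.exe",
     "data": minimal_pe_header()},
    {"type": "proc_create", "image": r"C:\Users\user\AppData\Local\Temp\update.exe"},
]

if __name__ == "__main__":
    for name in sorted(triage_events(SAMPLE_EVENTS)):
        print(name)
```

The "Executes dropped EXE" check is deliberately stateful: it only fires when the created process image is a path the sample wrote earlier, which is the distinction between a dropper and a process that merely launches something already on disk. The PE check reads e_lfanew rather than trusting the `MZ` prefix alone, so a download that is a DOS stub or random data starting with `MZ` does not count as a PE payload.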