General

Target: 9d14fb440051c68dbca6f968127d1ffdd43bf3a7ca43da7876dabd809be40791
Size: 705KB
Sample: 211024-1xndjafcf9
MD5: 378c0ffbcfa46bdd32eb1d62be368bab
SHA1: 6253b11aeb700a8c9feee93e660e74dc71f4bf2f
SHA256: 9d14fb440051c68dbca6f968127d1ffdd43bf3a7ca43da7876dabd809be40791
SHA512: c6351dff1abb653016e210fa6a562d7ebe8cfbfa6a4da58048c312f3cf2970221ff811abb89b3d265cbc1bef88d02388b3c596c3b9f6e69516ef0d2538b5d2c4
Static task: static1
Behavioral task: behavioral1
Sample: 9d14fb440051c68dbca6f968127d1ffdd43bf3a7ca43da7876dabd809be40791.exe
Resource: win10-en-20210920
Malware Config

Targets

Target: 9d14fb440051c68dbca6f968127d1ffdd43bf3a7ca43da7876dabd809be40791
Size: 705KB
MD5: 378c0ffbcfa46bdd32eb1d62be368bab
SHA1: 6253b11aeb700a8c9feee93e660e74dc71f4bf2f
SHA256: 9d14fb440051c68dbca6f968127d1ffdd43bf3a7ca43da7876dabd809be40791
SHA512: c6351dff1abb653016e210fa6a562d7ebe8cfbfa6a4da58048c312f3cf2970221ff811abb89b3d265cbc1bef88d02388b3c596c3b9f6e69516ef0d2538b5d2c4
Score: 10/10
RedLine

RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Signatures:
- RedLine Payload
- Downloads MZ/PE file
- Executes dropped EXE
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Legitimate hosting services abused for malware hosting/C2