General
Target: 60d5d621021211e78d6970ec792b181f83e5cb2291b88d0a0e63e17215287c83
Size: 705KB
Sample: 211024-3hda5afdc3
MD5: 0f8ab084532b57e7dba94d75c688250e
SHA1: 74081221c6374dff6363b120bd5a5bc29c6e9f05
SHA256: 60d5d621021211e78d6970ec792b181f83e5cb2291b88d0a0e63e17215287c83
SHA512: 2169b48dd21a9e0188c7f1c3d4152bbd6bf7f4b7c4aab26945a622770151e4286c09f2b66028afb86367a5e0743555fd7b80fb6d6502faefaa266621b12c832c
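Before relying on this report, confirm that the file on your bench is the one it describes. The script below is an added example written for this page, not part of the sandbox output: the four digests are copied from the General section, the sample path on the command line is an assumption, and it streams the file through all four hash objects in one pass so large samples are read once.

```python
# Added example (not sandbox code): verify a local file against the digests in this report.
import hashlib
from pathlib import Path

# Digests exactly as published in the General section above.
EXPECTED = {
    "md5": "0f8ab084532b57e7dba94d75c688250e",
    "sha1": "74081221c6374dff6363b120bd5a5bc29c6e9f05",
    "sha256": "60d5d621021211e78d6970ec792b181f83e5cb2291b88d0a0e63e17215287c83",
    "sha512": "2169b48dd21a9e0188c7f1c3d4152bbd6bf7f4b7c4aab26945a622770151e428"
              "6c09f2b66028afb86367a5e0743555fd7b80fb6d6502faefaa266621b12c832c",
}


def digests(data: bytes) -> dict:
    """All four digests of an in-memory blob (used for small inputs and tests)."""
    return {name: hashlib.new(name, data).hexdigest() for name in EXPECTED}


def digests_of_file(path, chunk=1 << 20) -> dict:
    """Stream a file through every hash object at once instead of reading it four times."""
    hashers = {name: hashlib.new(name) for name in EXPECTED}
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            for h in hashers.values():
                h.update(block)
    return {name: h.hexdigest() for name, h in hashers.items()}


def mismatches(actual: dict, expected: dict = EXPECTED) -> dict:
    """{algo: (expected, actual)} for every digest that differs; empty means a match.
    Comparison is case-insensitive because some report UIs upper-case hex."""
    return {
        algo: (expected[algo], actual.get(algo, ""))
        for algo in expected
        if actual.get(algo, "").lower() != expected[algo].lower()
    }


if __name__ == "__main__":
    import sys
    # Assumed location of the downloaded sample; pass your own path as argv[1].
    sample = Path(sys.argv[1] if len(sys.argv) > 1 else EXPECTED["sha256"] + ".exe")
    bad = mismatches(digests_of_file(sample))
    if bad:
        for algo, (want, got) in bad.items():
            print(f"{algo}: expected {want}, got {got}")
        sys.exit(1)
    print(f"{sample}: all four digests match this report")
```

A single matching SHA256 is sufficient evidence of identity; the MD5 and SHA1 are kept only because other reports and blocklists still index samples by them.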
Static task: static1
Behavioral task: behavioral1
Sample: 60d5d621021211e78d6970ec792b181f83e5cb2291b88d0a0e63e17215287c83.exe
Resource: win10-en-20211014
Malware Config
Targets
Target: 60d5d621021211e78d6970ec792b181f83e5cb2291b88d0a0e63e17215287c83 (the same 705KB sample as in General; its MD5, SHA1, SHA256 and SHA512 are identical to those listed there)
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Downloads MZ/PE file
- Executes dropped EXE
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Legitimate hosting services abused for malware hosting/C2
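Two of the signatures above, the Uninstall-key walk and the wallet file access, are easy to reproduce as host-based detection logic. The block below is an added example written for this page, not the sandbox's own signature code: the registry paths are the real per-machine, WOW6432Node and per-user Uninstall keys, the wallet directory list and the threshold of five distinct product subkeys are this example's assumptions, and the events are constructed to look like what a Sysmon-style registry/file collector would emit for the sample alongside a benign installer.

```python
# Added example (not sandbox code): flag Uninstall-key enumeration and wallet access
# from per-process registry/file events.
import re
from collections import defaultdict

# Real inventory locations: per-machine, 32-bit-on-64-bit and per-user Uninstall keys.
UNINSTALL_KEY_RE = re.compile(
    r"^(?:HKLM|HKCU|HKEY_LOCAL_MACHINE|HKEY_CURRENT_USER)\\SOFTWARE\\(?:WOW6432Node\\)?"
    r"Microsoft\\Windows\\CurrentVersion\\Uninstall\\([^\\]+)",
    re.IGNORECASE,
)

# Wallet directories under %APPDATA% commonly read by stealers (assumed list; extend from telemetry).
WALLET_PATH_RE = re.compile(
    r"\\AppData\\Roaming\\(Electrum|Exodus|Ethereum|Armory|Bitcoin|Atomic)\\",
    re.IGNORECASE,
)

# Installers touch one or two Uninstall entries; an inventory sweep walks many (assumed cut-off).
UNINSTALL_THRESHOLD = 5

# Assumed drop location for the report's sample.
SAMPLE_EXE = r"C:\Users\Admin\AppData\Local\Temp\60d5d621021211e78d6970ec792b181f83e5cb2291b88d0a0e63e17215287c83.exe"
MSIEXEC = r"C:\Windows\System32\msiexec.exe"
UNINST = r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"

# Constructed telemetry: pid 4120 is the sample, 812 a benign installer, 3100 explorer.
SAMPLE_EVENTS = [
    {"pid": 4120, "image": SAMPLE_EXE, "type": "reg", "path": UNINST + r"\7-Zip\DisplayName"},
    {"pid": 4120, "image": SAMPLE_EXE, "type": "reg", "path": UNINST + r"\Google Chrome\DisplayName"},
    {"pid": 4120, "image": SAMPLE_EXE, "type": "reg", "path": UNINST + r"\Notepad++\DisplayName"},
    {"pid": 4120, "image": SAMPLE_EXE, "type": "reg", "path": UNINST + r"\VLC media player\DisplayVersion"},
    {"pid": 4120, "image": SAMPLE_EXE, "type": "reg",
     "path": r"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}\DisplayName"},
    {"pid": 4120, "image": SAMPLE_EXE, "type": "reg",
     "path": r"HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Discord\DisplayName"},
    {"pid": 4120, "image": SAMPLE_EXE, "type": "reg",
     "path": r"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProductName"},  # not an Uninstall key
    {"pid": 4120, "image": SAMPLE_EXE, "type": "file", "path": r"C:\Users\Admin\AppData\Roaming\Electrum\wallets\default_wallet"},
    {"pid": 4120, "image": SAMPLE_EXE, "type": "file", "path": r"C:\Users\Admin\AppData\Roaming\Exodus\exodus.wallet\seed.seco"},
    {"pid": 4120, "image": SAMPLE_EXE, "type": "file", "path": r"C:\Users\Admin\Desktop\notes.txt"},
    {"pid": 812, "image": MSIEXEC, "type": "reg", "path": UNINST + r"\7-Zip\DisplayName"},
    {"pid": 812, "image": MSIEXEC, "type": "reg", "path": UNINST + r"\7-Zip\UninstallString"},
    {"pid": 3100, "image": r"C:\Windows\explorer.exe", "type": "file", "path": r"C:\Users\Admin\Desktop\notes.txt"},
]


def analyse(events):
    """Per-process summary: distinct Uninstall product subkeys read and wallet apps touched."""
    uninstall, wallets, images = defaultdict(set), defaultdict(set), {}
    for ev in events:
        pid = ev["pid"]
        images[pid] = ev["image"]
        if ev["type"] == "reg":
            m = UNINSTALL_KEY_RE.match(ev["path"])
            if m:
                uninstall[pid].add(m.group(1).lower())   # count products, not values
        elif ev["type"] == "file":
            m = WALLET_PATH_RE.search(ev["path"])
            if m:
                wallets[pid].add(m.group(1).capitalize())
    return {
        pid: {"image": image,
              "uninstall_subkeys": len(uninstall[pid]),
              "wallets": sorted(wallets[pid])}
        for pid, image in images.items()
    }


def findings(events):
    """(pid, image, signature) for every process that trips a rule."""
    out = []
    for pid, info in analyse(events).items():
        if info["uninstall_subkeys"] >= UNINSTALL_THRESHOLD:
            out.append((pid, info["image"], "Checks installed software on the system"))
        if info["wallets"]:
            out.append((pid, info["image"], "Accesses cryptocurrency files/wallets"))
    return out


if __name__ == "__main__":
    for pid, image, sig in findings(SAMPLE_EVENTS):
        print(f"{pid}\t{sig}\t{image}")
```

Counting distinct product subkeys rather than raw key reads is what keeps msiexec and inventory agents below the threshold: they read several values under one or two products, while a stealer walks every entry. Wallet access on its own is a weaker signal (backup tools and the wallet apps themselves read those paths), so in production gate it on process image or combine it with the enumeration rule.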