General
- Target: 68900761d23c77b005b89feb89876c85
- Size: 515KB
- Sample: 220126-xftx7shcc2
- MD5: 68900761d23c77b005b89feb89876c85
- SHA1: 2d9a95cfe66fd559424957eed4ac797271a87144
- SHA256: 782f3607d63d38bd59a78ae9f219ef092850f29c3da05c019594b44f53ac84ac
- SHA512: 1ff6772b27c34d5550ef6d11b69beb4ab99dd17ad1600286248cd3dd9dec3469bf5d39d80252a60965ddfb76a75f7d9d72b73f5460d2b8ffe9a8739d1b34c571
Static task: static1
Behavioral task: behavioral1
- Sample: 68900761d23c77b005b89feb89876c85.exe
- Resource: win7-en-20211208
Behavioral task: behavioral2
- Sample: 68900761d23c77b005b89feb89876c85.exe
- Resource: win10-en-20211208
Malware Config
Targets
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of NtSetInformationThreadHideFromDebugger