General

Target: ebb86bff468a3b482b724efc18a226b5
Size: 599KB
Sample: 220129-ynph5agfaj
MD5: ebb86bff468a3b482b724efc18a226b5
SHA1: 8e9d5f32146bb17b56c9cdd61023ace27982c44c
SHA256: 677b8d2a671f9f2de4e110adaf6eb12f74c9feb15dcd9e6e6c126f668676cf57
SHA512: a49113e697b58d300b9404b5b5a046240b185c38242c78ac7f26891976915e92439ff8ec636af4c2bad5b0015574c21ea518db10918bc2cf843afdde713854c7
Static task: static1

Behavioral task: behavioral1
Sample: ebb86bff468a3b482b724efc18a226b5.exe
Resource: win7-en-20211208

Behavioral task: behavioral2
Sample: ebb86bff468a3b482b724efc18a226b5.exe
Resource: win10-en-20211208
Malware Config

Targets

Target: ebb86bff468a3b482b724efc18a226b5
Size: 599KB
Score: 10/10

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of NtSetInformationThreadHideFromDebugger (NtSetInformationThread called with the ThreadHideFromDebugger information class, which stops the thread from delivering debug events; a common anti-debugging technique)
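As an added example that is not part of this report or of the sandbox that produced it: a small Python checker that replays a constructed API trace and raises the two signatures above that the report attaches concrete behaviour to, Uninstall-key enumeration and NtSetInformationThread with ThreadHideFromDebugger. The one-object-per-line trace format, the field names, the product subkeys in the sample trace and the three-subkey threshold are assumptions made for this example.

```python
"""Replay a constructed sandbox API trace and raise two of the behavioural
signatures listed in the report. The one-JSON-object-per-line trace format,
the field names and the subkey threshold are assumptions for this example;
the sandbox that produced the report uses its own formats."""
import json
import re

# ThreadHideFromDebugger is THREADINFOCLASS 17 (0x11); a thread set to it
# stops delivering debug events, which is why the sandbox flags the call.
THREAD_HIDE_FROM_DEBUGGER = 0x11

# Installed software is listed under the Uninstall key; on 64-bit Windows
# 32-bit products sit under the WOW6432Node mirror, so both are matched.
UNINSTALL_KEY_RE = re.compile(
    r"^HKEY_LOCAL_MACHINE\\SOFTWARE\\(?:WOW6432Node\\)?Microsoft\\Windows"
    r"\\CurrentVersion\\Uninstall(?:\\(?P<subkey>[^\\]+))?",
    re.IGNORECASE,
)

SIG_HIDE = "Suspicious use of NtSetInformationThreadHideFromDebugger"
SIG_ENUM = "Checks installed software on the system"

# Constructed trace (not sandbox output). pid 1234 behaves as the report
# describes; pid 5678 touches the registry and its threads in benign ways.
SAMPLE_TRACE = r"""
{"pid": 1234, "api": "NtSetInformationThread", "args": {"ThreadInformationClass": 17}}
{"pid": 1234, "api": "RegOpenKeyExW", "args": {"key": "HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall"}}
{"pid": 1234, "api": "RegOpenKeyExW", "args": {"key": "HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\7-Zip"}}
{"pid": 1234, "api": "RegQueryValueExW", "args": {"key": "HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\7-Zip", "value": "DisplayName"}}
{"pid": 1234, "api": "RegOpenKeyExW", "args": {"key": "HKEY_LOCAL_MACHINE\\SOFTWARE\\WOW6432Node\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{00000000-1111-2222-3333-444444444444}"}}
{"pid": 1234, "api": "RegOpenKeyExW", "args": {"key": "HKEY_LOCAL_MACHINE\\SOFTWARE\\WOW6432Node\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Notepad++"}}
{"pid": 5678, "api": "NtSetInformationThread", "args": {"ThreadInformationClass": 2}}
{"pid": 5678, "api": "RegOpenKeyExW", "args": {"key": "HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"}}
"""


def analyse_trace(trace_text, min_uninstall_subkeys=3):
    """Map each pid to the sorted list of signatures it triggered.

    A single open of the Uninstall root is normal (installers do it); the
    enumeration signature fires only once a process has touched at least
    min_uninstall_subkeys distinct product subkeys (threshold is assumed).
    """
    subkeys_by_pid = {}
    hits = {}
    for line in trace_text.splitlines():
        if not line.strip():
            continue
        event = json.loads(line)
        pid, api, args = event["pid"], event["api"], event.get("args", {})

        # Anti-debugging: only information class 17 is interesting here.
        if (api == "NtSetInformationThread"
                and args.get("ThreadInformationClass") == THREAD_HIDE_FROM_DEBUGGER):
            hits.setdefault(pid, set()).add(SIG_HIDE)

        # Software inventory: count distinct product subkeys under Uninstall.
        key = args.get("key")
        if api.startswith("Reg") and key:
            match = UNINSTALL_KEY_RE.match(key)
            if match and match.group("subkey"):
                seen = subkeys_by_pid.setdefault(pid, set())
                seen.add(match.group("subkey").lower())
                if len(seen) >= min_uninstall_subkeys:
                    hits.setdefault(pid, set()).add(SIG_ENUM)

    return {pid: sorted(sigs) for pid, sigs in hits.items()}


if __name__ == "__main__":
    for pid, sigs in analyse_trace(SAMPLE_TRACE).items():
        print(pid)
        for sig in sigs:
            print("  -", sig)
```

Opening the Uninstall root alone is not scored, because installers and inventory agents do that legitimately; the signature is the burst of distinct product subkeys read by one process, which is what a credential stealer profiling the host looks like in a trace.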