General
-
Target
8bcb157f0ca97d9dddf83e0f0bc6448c7fb82dc522f3c.exe
-
Size
1.8MB
-
Sample
220202-janmcahga4
-
MD5
960319c02c9aa28823a33185fddd9167
-
SHA1
fa71b18f7a512b4913864c12aace96e76fa8e097
-
SHA256
8bcb157f0ca97d9dddf83e0f0bc6448c7fb82dc522f3cb77bdeae68e01b173e0
-
SHA512
caee1f1da6a532b7c738eaca04cd2e7501c101e2295f55cfce94104891b368f51db4aebdb317d3de22b600847d0e4428792c28ae349fe69426b2d632e11d986a
Behavioral task
behavioral1
Sample
8bcb157f0ca97d9dddf83e0f0bc6448c7fb82dc522f3c.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
8bcb157f0ca97d9dddf83e0f0bc6448c7fb82dc522f3c.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
8bcb157f0ca97d9dddf83e0f0bc6448c7fb82dc522f3c.exe
-
Size
1.8MB
-
MD5
960319c02c9aa28823a33185fddd9167
-
SHA1
fa71b18f7a512b4913864c12aace96e76fa8e097
-
SHA256
8bcb157f0ca97d9dddf83e0f0bc6448c7fb82dc522f3cb77bdeae68e01b173e0
-
SHA512
caee1f1da6a532b7c738eaca04cd2e7501c101e2295f55cfce94104891b368f51db4aebdb317d3de22b600847d0e4428792c28ae349fe69426b2d632e11d986a
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-