General

Target: SecuriteInfo.com.Trojan.GenericKD.48274970.27549.13362
Size: 1.8MB
Sample: 220206-symjmabch3
MD5: 8c7c8512e1de244c679575f825640f2b
SHA1: f5164e0228e18a37de301eeedf6494bae72ddba5
SHA256: e6496deacc785f638940cc3b3cef72bdb9ffea30624d992bbd35d29aacdcb7c2
SHA512: 4f1b4629c4fbcc5d795773cf3731f11a5f67af3416511c1baa38c66b3401af8bf21de33e7eb7ae01bad3c1d9777294258b91947f40267076cd8829d2ab9f68ad

Static task
static1

Behavioral task
behavioral1
Sample: SecuriteInfo.com.Trojan.GenericKD.48274970.27549.exe
Resource: win7-en-20211208

Behavioral task
behavioral2
Sample: SecuriteInfo.com.Trojan.GenericKD.48274970.27549.exe
Resource: win10v2004-en-20220113

Malware Config

Targets

Target: SecuriteInfo.com.Trojan.GenericKD.48274970.27549.13362
Size: 1.8MB
MD5: 8c7c8512e1de244c679575f825640f2b
SHA1: f5164e0228e18a37de301eeedf6494bae72ddba5
SHA256: e6496deacc785f638940cc3b3cef72bdb9ffea30624d992bbd35d29aacdcb7c2
SHA512: 4f1b4629c4fbcc5d795773cf3731f11a5f67af3416511c1baa38c66b3401af8bf21de33e7eb7ae01bad3c1d9777294258b91947f40267076cd8829d2ab9f68ad
Score: 10/10

- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall, including the Wow6432Node view on 64-bit systems) to enumerate the software installed on the system.
- Suspicious use of NtSetInformationThreadHideFromDebugger
  Calls NtSetInformationThread with the ThreadHideFromDebugger information class (0x11), after which the thread no longer delivers debug events to an attached debugger. This is a well-known anti-analysis technique.
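The two behaviours the sandbox flagged above (enumeration of the Uninstall key, and NtSetInformationThread with ThreadHideFromDebugger) expressed as detection logic over an API-call trace. This is an added example, not code from the sandbox or from this report; the JSON-lines trace format, the sample events, process IDs, handle values and subkey names are constructed for illustration and are not taken from the analysis of this sample.

```python
"""Detection logic for two of the behaviours in this report, run over a
constructed sandbox API trace (added example; not the sandbox's own code).

Assumed trace format: one JSON object per line with "pid", "api", "args"
(argument name -> value) and "ret" (Win32 error code or NTSTATUS as an int).
"""
import json
import re
from collections import defaultdict

THREAD_HIDE_FROM_DEBUGGER = 17  # ThreadInformationClass 0x11
ERROR_SUCCESS = 0
ROOT_HIVES = {"0x80000001", "0x80000002"}  # HKEY_CURRENT_USER, HKEY_LOCAL_MACHINE

# Uninstall key with or without the Wow6432Node redirection, case-insensitive.
UNINSTALL_KEY_RE = re.compile(
    r"^SOFTWARE\\(?:WOW6432NODE\\)?MICROSOFT\\WINDOWS\\CURRENTVERSION\\UNINSTALL$",
    re.IGNORECASE,
)

# Constructed trace for illustration; pids, handles and ordering are made up.
# 0xfffffffe is the current-thread pseudo-handle (NtCurrentThread).
SAMPLE_TRACE = r"""
{"pid": 2504, "api": "RegOpenKeyExW", "args": {"hKey": "0x80000002", "lpSubKey": "SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion", "phkResult": "0x2b8"}, "ret": 0}
{"pid": 2504, "api": "RegQueryValueExW", "args": {"hKey": "0x2b8", "lpValueName": "ProductName"}, "ret": 0}
{"pid": 2504, "api": "RegOpenKeyExW", "args": {"hKey": "0x80000002", "lpSubKey": "SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall", "phkResult": "0x2c4"}, "ret": 0}
{"pid": 2504, "api": "RegEnumKeyExW", "args": {"hKey": "0x2c4", "dwIndex": 0, "lpName": "7-Zip"}, "ret": 0}
{"pid": 2504, "api": "RegEnumKeyExW", "args": {"hKey": "0x2c4", "dwIndex": 1, "lpName": "Google Chrome"}, "ret": 0}
{"pid": 2504, "api": "RegEnumKeyExW", "args": {"hKey": "0x2c4", "dwIndex": 2, "lpName": ""}, "ret": 259}
{"pid": 2504, "api": "RegCloseKey", "args": {"hKey": "0x2c4"}, "ret": 0}
{"pid": 2504, "api": "NtSetInformationThread", "args": {"ThreadHandle": "0xfffffffe", "ThreadInformationClass": 17, "ThreadInformation": "0x0", "ThreadInformationLength": 0}, "ret": 0}
{"pid": 3120, "api": "NtSetInformationThread", "args": {"ThreadHandle": "0x1a0", "ThreadInformationClass": 2, "ThreadInformation": "0x19f2c0", "ThreadInformationLength": 4}, "ret": 0}
"""


def parse_trace(text):
    """Parse JSON-lines text into a list of event dicts, skipping blank lines."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def find_uninstall_enumeration(events):
    """Return {pid: [subkey names]} for processes that enumerate an Uninstall key.

    Merely opening the key is common in benign installers, so a hit requires a
    successful open that yields a handle followed by at least one successful
    RegEnumKeyEx* call on that same handle.  Closing the handle stops tracking it.
    """
    tracked = set()                  # (pid, handle) of currently open Uninstall keys
    enumerated = defaultdict(list)
    for ev in events:
        pid, api, args, ret = ev["pid"], ev["api"], ev.get("args", {}), ev.get("ret")
        if api in ("RegOpenKeyExW", "RegOpenKeyExA") and ret == ERROR_SUCCESS:
            if args.get("hKey") in ROOT_HIVES and UNINSTALL_KEY_RE.match(args.get("lpSubKey", "")):
                tracked.add((pid, args.get("phkResult")))
        elif api in ("RegEnumKeyExW", "RegEnumKeyExA") and ret == ERROR_SUCCESS:
            if (pid, args.get("hKey")) in tracked:
                enumerated[pid].append(args.get("lpName", ""))
        elif api == "RegCloseKey":
            tracked.discard((pid, args.get("hKey")))
    return dict(enumerated)


def find_hide_from_debugger(events):
    """Return [(pid, thread handle)] for successful
    NtSetInformationThread(..., ThreadHideFromDebugger, ...) calls.

    Once set, the thread stops generating debug events, so an attached debugger
    goes blind on it.  Legitimate software rarely does this, hence the flag.
    """
    hits = []
    for ev in events:
        if ev["api"] != "NtSetInformationThread" or ev.get("ret") != 0:
            continue
        args = ev.get("args", {})
        if args.get("ThreadInformationClass") == THREAD_HIDE_FROM_DEBUGGER:
            hits.append((ev["pid"], args.get("ThreadHandle")))
    return hits


def run_signatures(text):
    """Run both checks over a trace and return the findings as dicts."""
    events = parse_trace(text)
    findings = []
    for pid, names in find_uninstall_enumeration(events).items():
        findings.append({
            "pid": pid,
            "signature": "Checks installed software on the system",
            "detail": "enumerated %d Uninstall subkeys: %s" % (len(names), ", ".join(names)),
        })
    for pid, handle in find_hide_from_debugger(events):
        findings.append({
            "pid": pid,
            "signature": "Suspicious use of NtSetInformationThreadHideFromDebugger",
            "detail": "ThreadHideFromDebugger set on thread handle %s" % handle,
        })
    return findings


if __name__ == "__main__":
    for f in run_signatures(SAMPLE_TRACE):
        print("[pid %d] %s: %s" % (f["pid"], f["signature"], f["detail"]))
```

Two design points worth noting. The Uninstall check deliberately keys on the handle returned by the open rather than on the open alone, because installers and update agents open this key routinely; it is the subsequent RegEnumKeyEx walk that matches the "checks installed software" behaviour, and the walk ends with ERROR_NO_MORE_ITEMS (259), which the code does not count as a hit. The anti-debug check only fires on a successful call with information class 17; the second NtSetInformationThread event in the constructed trace uses a different class and is correctly ignored.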