General
-
Target
SecuriteInfo.com.Trojan.PWS.Steam.26450.29302.9996
-
Size
1.1MB
-
Sample
220308-yqefyabch8
-
MD5
1cb79dd340381e83c85a178c8a921b36
-
SHA1
3e8be81d4217a38a325058666395dcb32b122474
-
SHA256
6087cbea917f0062401149be475a2d9440d00ce2a962d3be3b16f26264729233
-
SHA512
f0425436b7df637bb9b886ea6759c3b225f1368a10dbdc890b3fc6ee5b3e5472f0d7da56bcf037d709c5d1ccbfdf516a18bde975f3f9165e278c89b5ac3a3766
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Trojan.PWS.Steam.26450.29302.exe
Resource
win7-20220223-en
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Trojan.PWS.Steam.26450.29302.exe
Resource
win10v2004-en-20220112
Malware Config
Extracted
redline
bild
95.216.21.217:19597
-
auth_value
6a86304a315cc6a978ccb33feb915de5
Targets
Target
SecuriteInfo.com.Trojan.PWS.Steam.26450.29302.9996
Score
10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-