MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 222c0a8b5aa876d94d3614dca3591b889090bd9301178cd4ec8baa063cf76271. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

RedLineStealer

Vendor detections: 18

SHA256 hash: 222c0a8b5aa876d94d3614dca3591b889090bd9301178cd4ec8baa063cf76271
SHA3-384 hash: ed6bae50b8222ec798b1e358df10f05f89dd4513c63092fffb6d78bd2f839bc4636311ada0df93b23e0a1b50f406b869
SHA1 hash: 66085cb1b55deb72bc21e4d62b1c3e90c3db4732
MD5 hash: cbd1a9967624895157677ed3a9e3c17b
humanhash: spring-ten-hydrogen-beer
File name: cbd1a9967624895157677ed3a9e3c17b.exe
Signature: RedLineStealer
File size: 487'936 bytes
First seen: 2023-02-14 18:37:41 UTC
Last seen: Never
File type: Executable exe
MIME type: application/x-dosexec
imphash: 646167cce332c1c252cdcb1839e0cf48 (8'473 x RedLineStealer, 4'851 x Amadey, 290 x Smoke Loader)
ssdeep: 12288:cMrmy90qmx9xZiFqo2HGHVfO3cVFPm52WmA:Kyq9xZiFv2m86FPbWN
Threatray: 17'864 similar samples on MalwareBazaar
TLSH: T1EBA40107AAF88472D8B467B059F207D306767E611B34825F234EAD1A1CB23F4B63576B
TrID:
  70.4% (.CPL) Windows Control Panel Item (generic) (197083/11/60)
  11.1% (.EXE) Win32 Executable MS Visual C++ (generic) (31206/45/13)
  5.9% (.EXE) Microsoft Visual C++ compiled executable (generic) (16529/12/5)
  3.7% (.EXE) Win64 Executable (generic) (10523/12/4)
  2.3% (.DLL) Win32 Dynamic Link Library (generic) (6578/25/2)
dhash icon: f8f0f4c8c8c8d8f0 (8'803 x RedLineStealer, 5'078 x Amadey, 288 x Smoke Loader)
Reporter: abuse_ch
Tags: exe RedLineStealer


abuse_ch
RedLineStealer C2:
193.233.20.13:4136

Intelligence

File Origin
# of uploads: 1
# of downloads: 194
Origin country: n/a

Vendor Threat Intelligence
Malware family: redline
ID: 1
File name: cbd1a9967624895157677ed3a9e3c17b.exe
Verdict: Malicious activity
Analysis date: 2023-02-14 18:51:25 UTC
Tags: trojan rat redline

Note: ANY.RUN is an interactive sandbox that analyzes all user actions rather than an uploaded sample
Result
Verdict: Malware
Maliciousness:
Behaviour
Searching for the window
Creating a file in the %temp% subdirectories
Creating a process from a recently created file
Creating a process with a hidden window
Using the Windows Management Instrumentation requests
Reading critical registry keys
Creating a file
Connecting to a non-recommended domain
Sending a custom TCP request
Unauthorized injection to a recently created process
Sending a TCP request to an infection source
Stealing user critical data
Result
Malware family: n/a
Score: 8/10
Tags: n/a
Behaviour
MalwareBazaar
MeasuringTime
SystemUptime
EvasionGetTickCount
EvasionQueryPerformanceCounter
Verdict: Suspicious
Threat level: 5/10
Confidence: 60%
Tags: advpack.dll anti-vm packed rundll32.exe setupapi.dll shell32.dll
Result
Verdict: MALICIOUS
Details
Windows PE Executable
Found a Windows Portable Executable (PE) binary. Depending on context, the presence of a binary is suspicious or malicious.
Malware family: RedLine stealer
Verdict: Malicious
Result
Threat name: RedLine
Detection: malicious
Classification: troj.spyw.evad
Score: 100 / 100
Behaviour
Behavior Graph: n/a
Threat name: ByteCode-MSIL.Trojan.RedLine
Status: Malicious
First seen: 2023-02-14 18:38:31 UTC
File Type: PE (Exe)
Extracted files: 96
AV detection: 21 of 26 (80.77%)
Threat level: 5/5
Result
Malware family: redline
Score: 10/10
Tags: family:redline botnet:cr10n botnet:fukia discovery evasion infostealer persistence spyware stealer trojan
Behaviour
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
Suspicious use of WriteProcessMemory
Program crash
Accesses cryptocurrency files/wallets, possible credential harvesting
Adds Run key to start application
Checks installed software on the system
Executes dropped EXE
Loads dropped DLL
Reads user/profile data of web browsers
Windows security modification
Modifies Windows Defender Real-time Protection settings
RedLine
Malware Config
C2 Extraction:
193.233.20.13:4136
176.113.115.17:4132
Unpacked files
SHA256 hash: d27d7163db2abd69aba405104fe774fe3692a2c00139218802aa574b3b82c18c
MD5 hash: d3eabe8c149254054d1f096adb4ab7e7
SHA1 hash: 40b91d9c4777b4e4f37b41a6b261611898eba355
Detections: redline
Parent samples:
SHA256 hash: 86dcb71ecc4715ea9721acc04083cbfb48fef5f10ff39989f9c3f73002a24d5e
MD5 hash: 000ad6b3bc5076abbf03cb77d1f53e15
SHA1 hash: 3af99900e485e6b76ae2fce5231a93bc037cf9bd
Detections: redline
Parent samples:
SHA256 hash: c96cde4c6b6ff50ca4b6374c7bc4b69932fbf43e451cf8d66f29c2797878f6a1
MD5 hash: 5241d1c09684d0ffa5694baf2e3269b4
SHA1 hash: 7596a737a08f6cccce0664b0f72a9d3db1371331
SHA256 hash: 222c0a8b5aa876d94d3614dca3591b889090bd9301178cd4ec8baa063cf76271
MD5 hash: cbd1a9967624895157677ed3a9e3c17b
SHA1 hash: 66085cb1b55deb72bc21e4d62b1c3e90c3db4732
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Delivery method: Web download
Signature: RedLineStealer
File: Executable exe 222c0a8b5aa876d94d3614dca3591b889090bd9301178cd4ec8baa063cf76271 (this sample)

Delivery method
Distributed via web download
