MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 458d776a78396a0b2a3a7f2a66304e5ceb05038b50ad936cecaeba7c584807db. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Intelligence 1 File information 3 Yara Comments

SHA256 hash: 458d776a78396a0b2a3a7f2a66304e5ceb05038b50ad936cecaeba7c584807db
SHA3-384 hash: 14c21a527ea573067a78045dfcdd649e8205f7d500fa976d2d8ba8773dd2ecb71e6e65962213d72e680dccb015ce70f1
SHA1 hash: 86b2e10d572be2c3d05a4b0fc3a2f441fd30d38b
MD5 hash: 0e466b730016adff5bcf8b6abfdb5dc8
humanhash: william-alabama-indigo-fix
File name:0e466b730016adff5bcf8b6abfdb5dc8.exe
Download: download sample
Signature RedLineStealer
File size:988'160 bytes
First seen:2020-06-30 13:50:37 UTC
Last seen:Never
File type:Executable exe
MIME type:application/x-dosexec
imphash 2302c7d2bec8288d05bcff6e73d703af
ssdeep 24576:bLRJ9l8A4gOEcGFnfKXmlBf72RhDS6BRirYHGCq:vvOcFf9f72zS6BRirwGC
TLSH 8E2512313381DC70D4826430F924D6B06F6DBC7355B566877BA87F3F2E726C1162A2AA
Reporter @abuse_ch
Tags:exe RedLineStealer


Mail intelligence No data
# of uploads 1
# of downloads 36
Origin country US US
CAPE Sandbox Detection:n/a
CERT.PL MWDB Detection:n/a
ReversingLabs :Status:Malicious
Threat name:Win32.Trojan.Kryptik
First seen:2020-06-30 12:41:46 UTC
AV detection:26 of 31 (83.87%)
Threat level:   5/5
Spamhaus Hash Blocklist :Malicious file
Hatching Triage Score:   10/10
Malware Family:redline
Tags:infostealer family:redline evasion spyware trojan discovery
VirusTotal:Virustotal results 27.78%

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download


Executable exe 458d776a78396a0b2a3a7f2a66304e5ceb05038b50ad936cecaeba7c584807db

(this sample)

Delivery method
Distributed via web download