MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 92b8718fd64c7d13e9ea54a69ac7c1a52b57680d34c74d38c2b8ac1eb53f217c. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


RedLineStealer


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 92b8718fd64c7d13e9ea54a69ac7c1a52b57680d34c74d38c2b8ac1eb53f217c
SHA3-384 hash: b6b24c33fb8b5634a44a25cdb10e634a1d74cd373b3f7d1e3439f32ecc225035695c99f7b8abc727b883ca92b145595c
SHA1 hash: 34af0c0ffedda759dcd913c29ec883d0e44d5f81
MD5 hash: 53bead9f9e25c9411b8b2718626e304d
humanhash: cardinal-six-november-carbon
File name:53bead9f9e25c9411b8b2718626e304d.exe
Download: download sample
Signature RedLineStealer
Create hunting rule
File size:588'800 bytes
First seen:2020-06-28 16:24:04 UTC
Last seen:Never
File type:Executable exe
MIME type:application/x-dosexec
imphash 57c390af9293cee083b29d2c64084ffa (3 x RedLineStealer, 1 x TrickBot)
ssdeep 12288:Karb8erySzXfP2in7Eww4oQzb6xZrqVIeZ9b8Hczv6bH42d50vqFC8:Kasyy2X2GQww4oQH6xZroLb86CbpNv
Threatray 38 similar samples on MalwareBazaar
TLSH F7C40211F2A1F039E5E32275A069E57015BE7C32C5705297371B233EAF726A09F7932A
Reporter abuse_ch
Tags:exe RedLineStealer

Intelligence

File Origin
# of uploads :
1
# of downloads :
88
Origin country :
n/a
Vendor Threat Intelligence
Detection:
n/a
Link:
https://www.capesandbox.com/analysis/15231/
Detection(s):
SecuriteInfo.com.Malware.PDB-11.UNOFFICIAL
Create hunting rule

PUA.Win.Downloader.Aiis-6803892-0
Create hunting rule

Detection:
n/a
Link:
https://mwdb.cert.pl/sample/92b8718fd64c7d13e9ea54a69ac7c1a52b57680d34c74d38c2b8ac1eb53f217c/
Threat name:
Win32.Trojan.TrickBot
Create hunting rule
Status:
Malicious
First seen:
2020-06-28 16:25:05 UTC
AV detection:
26 of 29 (89.66%)
Threat level:
  5/5
Detection(s):
Malicious file
Link:
https://check.spamhaus.org/check/?searchterm=sk4hdd6wjr6rh2pkkstjvr6buuvvo2angtdu2ogcxcwb5nj7ef6a._file
Verdict:
unknown
Similar samples:
01c399028ad16abaccdf9d4a200bc6146e06e20636c7111622d78d9393a2c7e1
RedLineStealer
0d204a3dcd80cbbf3063bfa130f163a4281c56bab9a5017faf6307025b5c829d
RedLineStealer
0fc6717ef7ff0ae8d2a2add4303127af4693cfa5abb81a5a3a3e06b079051b8e
RedLineStealer
110f27da9c8dc85e0c193a5d4bdade5019e4a1f9ffea49e9b3dc8eb069e2dbcc
RedLineStealer
1c76b631dd54f736e8bf3c822ab85e167c91fa18f19b7f38cc57e0aa4cfb6511
RedLineStealer
3cdd5ac1f77cc8ff3004c12ab7509caa9a451594768de26fee42ab76c609c239
RedLineStealer
44ccaaf3cc76edd1e184d8c65b13db79638fcbf8ed37b5883c34a1a8a7700901
RedLineStealer
619ed29c59b4f6a8ad37d7ae185713c12899726ed88fcc03524430669f4a3c6c
RedLineStealer
b47f74419de5db79da95d6d39d6e7e0da43a2bb2dc5770a0ee3715bcb2d76299
RedLineStealer
cb0d1f942e077021cc2fe8cfb688abd294398e407e9f5f851f35fddeb5e30bf9
RedLineStealer
+ 28 additional samples on MalwareBazaar
Result
Malware family:
n/a
Score:
  6/10
Tags:
n/a
Link:
https://tria.ge/reports/200628-s5ed6561js/
Behaviour
Checks processor information in registry
Legitimate hosting services abused for malware hosting/C2
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Cape
Cape
https://www.capesandbox.com/analysis/15231/

Comments