MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 93d0f20b6f99e830bd77a28ed91b53fa904280e4b2ab75a92d99a5056f3a4952. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


RedLineStealer


Vendor detections: 2


Intelligence 2 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 93d0f20b6f99e830bd77a28ed91b53fa904280e4b2ab75a92d99a5056f3a4952
SHA3-384 hash: c61e4d057fb83632cfe5c4c5f3ba262b04e87b2c6592dd0c206690c848aaa9df71d8b171cea01be46103d45d404787db
SHA1 hash: 46fe63de770c87d98767f67ae8085a6f6a9027ae
MD5 hash: e5df0a08c4c3d96eb267122eedf5ecf1
humanhash: mountain-mississippi-kitten-harry
File name:RiseSkinchanger.rar
Download: download sample
Signature RedLineStealer
Create hunting rule
File size:538'890 bytes
First seen:2022-07-02 16:06:31 UTC
Last seen:Never
File type: rar
MIME type:application/x-rar
ssdeep 12288:bv/+tYdjmAXjay9+PvXEWmIck1CCC/QVXVrokkuZo:bvWtUjmAXjn4HXEW9CvyF4p
TLSH T19FB433810CD18D62BAA666FDB608454D3551BFAE0FC80C7E7F0564EDD3F6A2880FD629
TrID 61.5% (.RAR) RAR compressed archive (v5.0) (8000/1)
38.4% (.RAR) RAR compressed archive (gen) (5000/1)
Reporter iam_py_test
Tags:rar


Avatar
iam_py_test
Password-protected RAR file. The password is 2022
This was reported at https://forums.malwarebytes.com/topic/287876-im-posting-a-malware-to-ask-if-anyone-know-the-type-of-this-malware/ (account required)

Intelligence

File Origin
# of uploads :
1
# of downloads :
281
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.Heur.32095.4361.UNOFFICIAL
Create hunting rule

Gathering data
Result
Verdict:
UNKNOWN
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/93d0f20b6f99e830bd77a28ed91b53fa904280e4b2ab75a92d99a5056f3a4952/
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=spipec3pthudbplxukhnsg2t7kiefahewkvxlkjntgsqk3z2jfja._file
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

RedLineStealer

rar 93d0f20b6f99e830bd77a28ed91b53fa904280e4b2ab75a92d99a5056f3a4952

(this sample)

Executable exe 339022094a1725ae16b8a0571fa0ec432194af1331c69394254c71e942719297

RedLineStealer

Executable exe e0ff8d0d8988b4804a0442c0185f5e200849ad725a301678af8fd2c3ac81182c

  
Dropping
SHA256 e0ff8d0d8988b4804a0442c0185f5e200849ad725a301678af8fd2c3ac81182c
  
Delivery method
Distributed via web download
  
Dropping
MD5 b5d26e5a6cf0eb72d54f6fefd87ceffb

Comments