MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 a12d74b1756d49531e21f755fef2049ab6c83626f0834cb945c781c39d40a177. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


RedLineStealer


Vendor detections: 2


Intelligence 2 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: a12d74b1756d49531e21f755fef2049ab6c83626f0834cb945c781c39d40a177
SHA3-384 hash: 2a6ebf599b55e1e8c31fd0e3b497dfcd8765af9db78da35a4371f28cd654cc528e748fc943363209df260f91fb06b505
SHA1 hash: e45fc85c4455d3739e90d1d1234872e92b35970a
MD5 hash: a97b6a7593351094a8ae7aafcd96ac5e
humanhash: football-avocado-uranus-snake
File name:PASSWORD_IS_825825____Winrar-602-x64-.zip
Download: download sample
Signature RedLineStealer
Create hunting rule
File size:8'100'964 bytes
First seen:2021-12-18 19:35:13 UTC
Last seen:Never
File type: zip
MIME type:application/zip
ssdeep 196608:nhFpWQgslw3QYgWPij8AT3OKKmy1Egf552Hna6L3PDhbjNkW:nheya3QYPbo3KmiEa5QnPp3
TLSH T1208633BBFB8613E9FA8137AFB979D90D09A996337910900D082C89E9073DD39C167477
Reporter iam_py_test
Tags:contains-exe zip


Avatar
iam_py_test
Pretends to be cracked software. The password is 825825

Intelligence

File Origin
# of uploads :
1
# of downloads :
404
Origin country :
n/a
Vendor Threat Intelligence
Gathering data
Result
Verdict:
MALICIOUS
Link:
https://labs.inquest.net/dfi/sha256/a12d74b1756d49531e21f755fef2049ab6c83626f0834cb945c781c39d40a177
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/a12d74b1756d49531e21f755fef2049ab6c83626f0834cb945c781c39d40a177/
Gathering data
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/a12d74b1756d49531e21f755fef2049ab6c83626f0834cb945c781c39d40a177

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

RedLineStealer

zip a12d74b1756d49531e21f755fef2049ab6c83626f0834cb945c781c39d40a177

(this sample)

RedLineStealer

Executable exe a2f9f5a099a6b1c2ba6789effefa150aec52c5587e85df9a6963fd03b55d4d57

  
Dropping
SHA256 a2f9f5a099a6b1c2ba6789effefa150aec52c5587e85df9a6963fd03b55d4d57
  
Delivery method
Distributed via web download

Comments