MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 a3d5b36f6bf32386cb45befc10693eee48606edc18587769357338a4a2b9161a. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Intelligence 1 File information 2 Yara Comments

SHA256 hash: a3d5b36f6bf32386cb45befc10693eee48606edc18587769357338a4a2b9161a
SHA3-384 hash: 26d24ab459b49f0a72f7180f744ba2448b8d03849e636aadedce09c9d8af4fe8f3facdcb64cfcdaab41b17eebce081ba
SHA1 hash: 6682ccf09ee9c15fce3100a94edced4023a2a752
MD5 hash: d92a5027064b179847af499a35df1b41
humanhash: nebraska-ink-shade-sodium
File name:d92a5027064b179847af499a35df1b41.exe
Download: download sample
Signature RedLineStealer
File size:601'088 bytes
First seen:2020-06-30 19:23:53 UTC
Last seen:2020-06-30 19:52:23 UTC
File type:Executable exe
MIME type:application/x-dosexec
imphash 9df0376eebbb1789af13c87424174a69
ssdeep 12288:b0gG5/SOUHEFVnmG7qzB/U/nAIn4DblPCCOKeoqDq5:cNSTHEjmG7q1Cr4DblJOKjqDq5
TLSH 75D402127752D476C4213130BC59F2B16A3E78705F62A14B37A83B3EEE327E0AA35759
Reporter @abuse_ch
Tags:exe RedLineStealer

RedLineStealer C2:


Mail intelligence No data
# of uploads 2
# of downloads 32
Origin country US US
ClamAV PUA.Win.Downloader.Aiis-6803892-0
CERT.PL MWDB Detection:n/a
ReversingLabs :Status:Malicious
Threat name:Win32.Trojan.Kryptik
First seen:2020-06-30 19:25:05 UTC
AV detection:29 of 48 (60.42%)
Threat level:   5/5
Spamhaus Hash Blocklist :Malicious file
Hatching Triage Score:   10/10
Malware Family:redline
Tags:spyware infostealer family:redline evasion trojan discovery
VirusTotal:Virustotal results 25.35%

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download


Executable exe a3d5b36f6bf32386cb45befc10693eee48606edc18587769357338a4a2b9161a

(this sample)

Delivery method
Distributed via web download