Overview

overview

10

Static

static

csgopro.bin.exe

windows7_x64

10

csgopro.bin.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    csgopro.bin.zip

  • Size

    209KB

  • Sample

    201211-br1zba25tj

  • MD5

    2539d1316bce24aa67d989c75e362133

  • SHA1

    8e9af769467c9d27a01f4b603859226870868a0b

  • SHA256

    8899f9ead57b86974845651c866ddc7a39d57c49b9502a8b8821dc8ece167658

  • SHA512

    e7fdc446bc2e83ab40fa84ce784dff586ddaa80452d1d718352d1f127907d1a5072817731b22aeff22e08851c7b517d6f54ed28e99c9a8b6d303e027d2ec586f

Score
10/10
redlinediscoveryinfostealerspyware

Malware Config

Targets

    • Target

      csgopro.bin

    • Size

      263KB

    • MD5

      62996dac9026b7927ca1d5f734c8976f

    • SHA1

      80f5675e6b5be2916e67156351970509218dc68d

    • SHA256

      7e0f51296fd9f692628fb72cd71a087f3ee70e532699b7134bc4a596c897b8f1

    • SHA512

      eda7a9e05f0bfd4db7fd9bc5de1c875edd661fbc3ec85616234c580784a2c0735d7fb317d71759b32dd9392790011d4e59df6ccc7e41942d4f8774fb0b3be640

    Score
    10/10
    redlinediscoveryinfostealerspyware

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine Payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spyware

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks