Overview

overview

10

Static

static

8

addc4da6b8...92.exe

windows7_x64

10

addc4da6b8...92.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    addc4da6b84c4cdef13423e06dcd1492.exe

  • Size

    319KB

  • Sample

    210115-efjsbj1nle

  • MD5

    addc4da6b84c4cdef13423e06dcd1492

  • SHA1

    45c14d4cc9a6b4133ef991423107186049e8ff2b

  • SHA256

    c69abca6861cab059b6ae9f8745b25359ab757af64c6388efd386d04f87bafda

  • SHA512

    2b00e23490d3fd8625e7ccb9a0f5f7a115132d5fbe0ac9e79edbf49729b92b9f2851b35d36b4b344b6ec91bd1c2f424c92282e142ad2d2ad6dd6490d50cb0ad4

Score
10/10
redlinediscoveryinfostealerspywareupx

Malware Config

Targets

    • Target

      addc4da6b84c4cdef13423e06dcd1492.exe

    • Size

      319KB

    • MD5

      addc4da6b84c4cdef13423e06dcd1492

    • SHA1

      45c14d4cc9a6b4133ef991423107186049e8ff2b

    • SHA256

      c69abca6861cab059b6ae9f8745b25359ab757af64c6388efd386d04f87bafda

    • SHA512

      2b00e23490d3fd8625e7ccb9a0f5f7a115132d5fbe0ac9e79edbf49729b92b9f2851b35d36b4b344b6ec91bd1c2f424c92282e142ad2d2ad6dd6490d50cb0ad4

    Score
    10/10
    redlinediscoveryinfostealerspyware

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine Payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spyware

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks