Overview

overview

10

Static

static

8

0e0cdc834d...49.exe

windows7_x64

10

0e0cdc834d...49.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0e0cdc834d81f86b7808a1e39f209f49.exe

  • Size

    295KB

  • Sample

    210116-461bcg18pn

  • MD5

    0e0cdc834d81f86b7808a1e39f209f49

  • SHA1

    8443a48dab5e601f31e73c0f7abfbb8922984d71

  • SHA256

    47126dae0ad329479b538ce8d1c466712ef5eb53fb206ab2f27ba2b51762756d

  • SHA512

    80637daf1c384b5e53f7c95dd29884df45ca463244112a3a5887cd9b4211b5f268da60009c847944f612ff690a3bc9938bb30dae6a00541152a178db196841d1

Score
10/10
redlinediscoveryinfostealerspywareupx

Malware Config

Targets

    • Target

      0e0cdc834d81f86b7808a1e39f209f49.exe

    • Size

      295KB

    • MD5

      0e0cdc834d81f86b7808a1e39f209f49

    • SHA1

      8443a48dab5e601f31e73c0f7abfbb8922984d71

    • SHA256

      47126dae0ad329479b538ce8d1c466712ef5eb53fb206ab2f27ba2b51762756d

    • SHA512

      80637daf1c384b5e53f7c95dd29884df45ca463244112a3a5887cd9b4211b5f268da60009c847944f612ff690a3bc9938bb30dae6a00541152a178db196841d1

    Score
    10/10
    redlinediscoveryinfostealerspyware

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine Payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spyware

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks