General

  • Target

    c1c11c2deaa44f89902852b29dd3c263.exe

  • Size

    296KB

  • Sample

    210116-4y5dzvyrhn

  • MD5

    c1c11c2deaa44f89902852b29dd3c263

  • SHA1

    add50de2b2001b21b1db5aaccac2d4b4742f8a58

  • SHA256

    64cd31d1eee9e95282294430654cc7e38065803da4d3b9167e92b3efd9645584

  • SHA512

    8aa8cd9bd26f9c02e0ce2399e9d9818c716323e611cd7aff4c6c3fe9b8cf151f4cfd37028149c4c3403f72343ae89695c59f4f9e3486a52dc29f10e82a0f3142

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine Payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
