General

  • Target

    9f590d08b1ae4bb8e0b830873a012e39.exe

  • Size

    344KB

  • Sample

    210116-91t8tkhnta

  • MD5

    9f590d08b1ae4bb8e0b830873a012e39

  • SHA1

    fd47052a81f8696823c477ace14ad8a74ed0b00a

  • SHA256

    0e8375f9c64761af219e6001c52889f3fbc65ab818d76deda8f04b549cb076ec

  • SHA512

    4d26188e6c4ad36add09767bc4b847fecfaa167018cc565081f46a4bfb0dd0905e14275d659be2bf9cbea50d75b2b2def91c202f624a620a9a404ec3dfe5f0eb

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine Payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, among other things.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
