Overview

overview

10

Static

static

8

c42c574acc...fb.exe

windows7_x64

10

c42c574acc...fb.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c42c574acc963c0041700758094ab7fb.exe

  • Size

    343KB

  • Sample

    210116-esxk2l2342

  • MD5

    c42c574acc963c0041700758094ab7fb

  • SHA1

    5c3ff1be7da451976438f6f8c1fd1aadd8823093

  • SHA256

    5550b1e0d878ef2c7296596d9a7a44d380b48c77121d8cf4f04289ac7ab9a1e6

  • SHA512

    f2583334c76a21edac1f8b36bb3d72166d3b9fc0ba9da42c31b70facac666a5357cf20974854973fa6721d8754cdd28e77eb3a5d41ee73160fc8c223a433ca41

Score
10/10
redlinediscoveryinfostealerspywareupx

Malware Config

Targets

    • Target

      c42c574acc963c0041700758094ab7fb.exe

    • Size

      343KB

    • MD5

      c42c574acc963c0041700758094ab7fb

    • SHA1

      5c3ff1be7da451976438f6f8c1fd1aadd8823093

    • SHA256

      5550b1e0d878ef2c7296596d9a7a44d380b48c77121d8cf4f04289ac7ab9a1e6

    • SHA512

      f2583334c76a21edac1f8b36bb3d72166d3b9fc0ba9da42c31b70facac666a5357cf20974854973fa6721d8754cdd28e77eb3a5d41ee73160fc8c223a433ca41

    Score
    10/10
    redlinediscoveryinfostealerspyware

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine Payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spyware

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks