General

  • Target

    b134f49f0fa367b536ce1d05ec03fbd0.exe

  • Size

    666KB

  • Sample

    210217-3sfk6ryds2

  • MD5

    b134f49f0fa367b536ce1d05ec03fbd0

  • SHA1

    dfd1cf8d18c7dfbfb42db3c60afc2d35b0597f64

  • SHA256

    2937afa694e2560413f2860dd1b71019b1b89839b08317a9d79a651a80486645

  • SHA512

    bf8cf4409014f1ee5c5766aa5866066499ac11e6f1e24d0d30a79bfd6b9d6b315670af31951764dd8349e2ea818b97bb05a3cc1d8888d3aa35f2f5fed1e07e8b

Malware Config

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine Payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies, autofill entries and browsing history.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall and its HKCU and WOW6432Node variants) to enumerate software on the system.

    • Suspicious use of SetThreadContext

      SetThreadContext is used by process hollowing and similar injection techniques to point a suspended thread at injected code before it is resumed.
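
The three behavioural signatures above, expressed as detection rules and run over constructed EDR-style telemetry. This is an added example, not sandbox output or code from the report; the event schema (type, pid, image, path, key, api, target_pid) and the sample events are assumptions, and the pid values are made up.

```python
from collections import defaultdict

# --- Rule inputs ---------------------------------------------------------------
# Credential / profile stores that infostealers copy out of browser profiles.
BROWSER_STORE_FILES = {"Login Data", "Cookies", "Web Data",          # Chromium family
                       "logins.json", "key4.db", "cookies.sqlite"}   # Firefox
# Profile-directory fragments; a store name alone (e.g. "Cookies") is too generic.
BROWSER_PROFILE_MARKERS = ("\\user data\\", "\\mozilla\\firefox\\profiles\\")
# Browsers legitimately read their own stores; excluding them avoids the obvious FP.
BROWSER_IMAGES = {"chrome.exe", "msedge.exe", "firefox.exe", "brave.exe", "opera.exe"}
# Substring match covers HKLM, HKCU and the WOW6432Node variant of the key.
UNINSTALL_KEY = "\\microsoft\\windows\\currentversion\\uninstall"


def _basename(path):
    return path.rsplit("\\", 1)[-1]


def is_browser_store_read(ev):
    """Non-browser process reading a credential/cookie store inside a browser profile."""
    if ev["type"] != "file_read":
        return False
    path = ev["path"]
    return (_basename(path) in BROWSER_STORE_FILES
            and any(m in path.lower() for m in BROWSER_PROFILE_MARKERS)
            and _basename(ev["image"]).lower() not in BROWSER_IMAGES)


def is_uninstall_enum(ev):
    """Registry read under the Uninstall key, i.e. installed-software enumeration."""
    return ev["type"] == "reg_query" and UNINSTALL_KEY in ev["key"].lower()


def is_foreign_set_thread_context(ev):
    """SetThreadContext on a thread owned by another process (hollowing pattern)."""
    return (ev["type"] == "api_call" and ev["api"] == "SetThreadContext"
            and ev["target_pid"] != ev["pid"])


RULES = (
    (is_browser_store_read, "Reads user/profile data of web browsers"),
    (is_uninstall_enum, "Checks installed software on the system"),
    (is_foreign_set_thread_context, "Suspicious use of SetThreadContext"),
)


def evaluate(events):
    """Map pid -> sorted list of signature names the process triggered."""
    hits = defaultdict(set)
    for ev in events:
        for rule, name in RULES:
            if rule(ev):
                hits[ev["pid"]].add(name)
    return {pid: sorted(names) for pid, names in hits.items()}


def score(events):
    """One signature alone is weak evidence (installers read the Uninstall key too);
    two or more on the same process is the combination worth escalating."""
    return {pid: ("infostealer-like" if len(names) >= 2 else "low")
            for pid, names in evaluate(events).items()}


# --- Constructed telemetry (assumed schema, not real sandbox output) -----------
SAMPLE = r"C:\Users\alice\Downloads\b134f49f0fa367b536ce1d05ec03fbd0.exe"
SAMPLE_EVENTS = [
    {"type": "reg_query", "pid": 4120, "image": SAMPLE,
     "key": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip"},
    {"type": "reg_query", "pid": 4120, "image": SAMPLE,
     "key": r"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam"},
    {"type": "file_read", "pid": 4120, "image": SAMPLE,
     "path": r"C:\Users\alice\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
    {"type": "file_read", "pid": 4120, "image": SAMPLE,
     "path": r"C:\Users\alice\AppData\Roaming\Mozilla\Firefox\Profiles\k3x1.default-release\logins.json"},
    {"type": "api_call", "pid": 4120, "image": SAMPLE,
     "api": "SetThreadContext", "target_pid": 4188},
    # Chrome reading its own store: same file, but the image is a browser.
    {"type": "file_read", "pid": 2200,
     "image": r"C:\Program Files\Google\Chrome\Application\chrome.exe",
     "path": r"C:\Users\alice\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
    # An installer enumerating the Uninstall key: one weak signal, not escalated.
    {"type": "reg_query", "pid": 3304, "image": r"C:\Windows\System32\msiexec.exe",
     "key": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"},
]

if __name__ == "__main__":
    for pid, names in evaluate(SAMPLE_EVENTS).items():
        print(pid, score(SAMPLE_EVENTS)[pid], names)
```

Run stand-alone it reports the sample's process with all three signatures and the escalated verdict, while the browser reading its own store produces nothing and msiexec's Uninstall read stays at "low". The browser-image exclusion and the two-signature threshold are the two knobs that matter in practice: the first removes the most common false positive, the second keeps installers and inventory agents out of the escalation queue.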

MITRE ATT&CK Enterprise v6

Tasks