Overview

overview

10

Static

static

1d4f86998f...77.exe

windows7_x64

10

1d4f86998f...77.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1d4f86998febcd63769ffabf86ad4177.exe

  • Size

    395KB

  • Sample

    210305-8tbz2j6xjx

  • MD5

    1d4f86998febcd63769ffabf86ad4177

  • SHA1

    827697cbe8330e344117703942328d5ce2027f95

  • SHA256

    e273f65f5eff32aa37c8e88a9cc825b4826eabc8b8e708d850a0b4a3bdd60b8a

  • SHA512

    a1c7184794b40bb60e70ced361222e65a684368e1b4f7092d0161386a9010c9e8cc8261708bfe445a71251e35298811f8a380a152d9f0092512e4f4205f794c5

Score
10/10
redlinediscoveryinfostealerspyware

Malware Config

Targets

    • Target

      1d4f86998febcd63769ffabf86ad4177.exe

    • Size

      395KB

    • MD5

      1d4f86998febcd63769ffabf86ad4177

    • SHA1

      827697cbe8330e344117703942328d5ce2027f95

    • SHA256

      e273f65f5eff32aa37c8e88a9cc825b4826eabc8b8e708d850a0b4a3bdd60b8a

    • SHA512

      a1c7184794b40bb60e70ced361222e65a684368e1b4f7092d0161386a9010c9e8cc8261708bfe445a71251e35298811f8a380a152d9f0092512e4f4205f794c5

    Score
    10/10
    redlinediscoveryinfostealerspyware

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spyware

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

1
T1081

Discovery

Query Registry

1
T1012

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Impact

Tasks