Overview

overview

10

Static

static

ca65a8331e...8f.exe

windows7_x64

10

ca65a8331e...8f.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ca65a8331e95305fc9ef541933a7e48f.exe

  • Size

    402KB

  • Sample

    210313-re461jamka

  • MD5

    ca65a8331e95305fc9ef541933a7e48f

  • SHA1

    eef8aa298f25b68ed297a8f2e52b06f37c0e2a1b

  • SHA256

    6f9ca1a18eb9a5c5938a9a74a1072a44fbd16685172468e61c7a564a8175c9a7

  • SHA512

    6d8dc364bc3c86a4b2e61c729ed531141c6c0756be3d29b7c26531903d5e5ada0609f43a53593ceee412f2d16b8decd4aed7d0db83c60c3d4be200bd4c025002

Score
10/10
redlinediscoveryinfostealerspywarestealer

Malware Config

Targets

    • Target

      ca65a8331e95305fc9ef541933a7e48f.exe

    • Size

      402KB

    • MD5

      ca65a8331e95305fc9ef541933a7e48f

    • SHA1

      eef8aa298f25b68ed297a8f2e52b06f37c0e2a1b

    • SHA256

      6f9ca1a18eb9a5c5938a9a74a1072a44fbd16685172468e61c7a564a8175c9a7

    • SHA512

      6d8dc364bc3c86a4b2e61c729ed531141c6c0756be3d29b7c26531903d5e5ada0609f43a53593ceee412f2d16b8decd4aed7d0db83c60c3d4be200bd4c025002

    Score
    10/10
    redlinediscoveryinfostealerspywarestealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine Payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

1
T1081

Discovery

Query Registry

1
T1012

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Impact

Tasks