redline | ef42ae97b53c0b06baab4e16b5348303ecf1d29db894bd857b63111e387235a5 | Triage

Submit
Reports

Overview

overview

Static

static

bb0c7c3de7...0f.exe

windows7_x64

bb0c7c3de7...0f.exe

windows10_x64

Sharing

General

Target

bb0c7c3de7df87cab6e7962ceab62b0f.exe
Size

106KB
Sample

210317-jh5z66r3l2
MD5

bb0c7c3de7df87cab6e7962ceab62b0f
SHA1

b0a4634c0693661e992ccdae680445e5c0f94583
SHA256

ef42ae97b53c0b06baab4e16b5348303ecf1d29db894bd857b63111e387235a5
SHA512

0eab39ec9053e271e1f9bc38840fb5efd399ce41bf6e34668e30f6334416965b62ed443d2476317aaa83a0bde9241b95e1f96fa177e17a993e6905551aa821cd

Score

10^/10

redline discovery infostealer spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

bb0c7c3de7df87cab6e7962ceab62b0f.exe

Resource

win7v20201028

redline discovery infostealer spyware stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

bb0c7c3de7df87cab6e7962ceab62b0f.exe

Resource

win10v20201028

redline discovery infostealer spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  bb0c7c3de7df87cab6e7962ceab62b0f.exe
- Size
  
  106KB
- MD5
  
  bb0c7c3de7df87cab6e7962ceab62b0f
- SHA1
  
  b0a4634c0693661e992ccdae680445e5c0f94583
- SHA256
  
  ef42ae97b53c0b06baab4e16b5348303ecf1d29db894bd857b63111e387235a5
- SHA512
  
  0eab39ec9053e271e1f9bc38840fb5efd399ce41bf6e34668e30f6334416965b62ed443d2476317aaa83a0bde9241b95e1f96fa177e17a993e6905551aa821cd
Score

10^/10

redline discovery infostealer spyware stealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

redlinediscoveryinfostealerspywarestealer

behavioral2

redlinediscoveryinfostealerspywarestealer

© 2018-2024

Terms | Privacy