General
Target

DMVideo.exe

Size

353KB

Sample

210518-j1epb7f7re

Score
10/10
MD5

592c1cc435037d3cdc583e4b9ba1eec2

SHA1

7327e12960157f0a1077ae23193f4848398da801

SHA256

14d3995a5466c357fff817ac63a96da2f34c59453e1cbc28ba0315aef1c43cf8

SHA512

617da76d6e42e3e18d1f01e1af24bccc47cff08e7d09b6bc25d8d9642f5ab36c50cef461b431a1fe38d8846a54faa278e8f6e106a103b55f1cf46587dd9e7e3a

Malware Config

Extracted

Family

redline

Botnet

magsik

C2

185.215.113.45:3722

Targets
Target

DMVideo.exe

MD5

592c1cc435037d3cdc583e4b9ba1eec2

Filesize

353KB

Score
10/10
SHA1

7327e12960157f0a1077ae23193f4848398da801

SHA256

14d3995a5466c357fff817ac63a96da2f34c59453e1cbc28ba0315aef1c43cf8

SHA512

617da76d6e42e3e18d1f01e1af24bccc47cff08e7d09b6bc25d8d9642f5ab36c50cef461b431a1fe38d8846a54faa278e8f6e106a103b55f1cf46587dd9e7e3a

Tags

Signatures

  • RedLine

    Description

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    Tags

  • RedLine Payload

  • Reads user/profile data of web browsers

    Description

    Infostealers often target stored browser data, which can include saved credentials etc.

    Tags

    TTPs

    Data from Local SystemCredentials in Files
  • Accesses cryptocurrency files/wallets, possible credential harvesting

    Tags

    TTPs

    Data from Local SystemCredentials in Files
  • Checks installed software on the system

    Description

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    Tags

    TTPs

    Query Registry
  • Suspicious use of SetThreadContext

Related Tasks

MITRE ATT&CK Matrix
Command and Control
    Credential Access
    Defense Evasion
      Discovery
      Execution
        Exfiltration
          Impact
            Initial Access
              Lateral Movement
                Persistence
                  Privilege Escalation
                    Tasks

                    static1

                    Score
                    N/A

                    behavioral2

                    Score
                    10/10