General

Target: 49025966d2dd612fc1e423b01620debfd4c97701aefe2.exe
Size: 1MB
Sample: 210518-w542592d32
Score: 10/10
MD5: d6109df4ffa4303e3c30ba997735b689
SHA1: 65ac8413b14d7ccb6c848e849caa0de7900116ee
SHA256: 49025966d2dd612fc1e423b01620debfd4c97701aefe26a836cea9e2f2d6ab47
SHA512: 5e735b12e77ab991c9d54b701645268579f154573aa8a04d8bf2cdb5ed59d3a8ede9f5e55cbce848cd5323fa1e6b3950d12ec5bb7a0bebb403d3711979e1cc8b

Malware Config

Extracted
Family: redline
Botnet: 1111
C2: 65.21.144.202:62942

Targets

Target: 49025966d2dd612fc1e423b01620debfd4c97701aefe2.exe (filesize, score and MD5/SHA1/SHA256/SHA512 hashes identical to those listed under General above)

Tags

Signatures

  • RedLine
    Description: RedLine Stealer is a malware family written in C#, first appearing in early 2020.

  • RedLine Payload

  • Executes dropped EXE

  • Loads dropped DLL

  • Reads user/profile data of web browsers
    Description: Infostealers often target stored browser data, which can include saved credentials and other sensitive information.
    TTPs: Data from Local System; Credentials in Files

  • Accesses cryptocurrency files/wallets, possible credential harvesting
    TTPs: Data from Local System; Credentials in Files

  • Checks installed software on the system
    Description: Looks up Uninstall key entries in the registry to enumerate software on the system.
    TTPs: Query Registry

  • Suspicious use of SetThreadContext

Related Tasks

MITRE ATT&CK Matrix
Tactics: Command and Control, Credential Access, Defense Evasion, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation

Tasks
static1: Score N/A