General
Target

24dc9485b3fcea21dc81118d045d6bd13ca40f04dcc905662b70f4ed5754f003.zip

Size

153KB

Sample

210520-qp6rcgd7ja

Score

10/10

MD5

a4b08c79caba24ba5324674c50cdf3dc

SHA1

e09ec6694b34b068984725db4624b6a104f2553e

SHA256

8c20d5beb112952d19593b2432d11e3022e69fb5e26ef160ff61b5613760b998

SHA512

b8aea9bf1206c520e053a9cbed09ec4732eb96c61e8458aca4c25cfec7fdd8fc88f696dbe78f74cff3a5f07c6570433353c4772e05eb0dbfdf80f8d0ff863516

Malware Config

Extracted

Family

redline

Botnet

KREATOR

C2

45.140.146.214:20498

Targets
Target

24dc9485b3fcea21dc81118d045d6bd13ca40f04dcc905662b70f4ed5754f003

MD5

4842156a83bbc8f5b1b46b0e2a597ab4

Filesize

569KB

Score

10/10

SHA1

bdda0f367bf93fa75e2bf4b632daab8b615c9c69

SHA256

24dc9485b3fcea21dc81118d045d6bd13ca40f04dcc905662b70f4ed5754f003

SHA512

f0fe9c63fc8fd1333297b76f7f0ed414535ffb4f8ab96906c8207840bf63688d8b6e0de8053e7882eeb616ddf83c8021d5940adc9fcba4e8fd1e342c67343f73

Tags

Signatures

  • RedLine

    Description

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    Tags

  • RedLine Payload

  • Reads user/profile data of web browsers

    Description

    Infostealers often target stored browser data, which can include saved credentials etc.

    Tags

    TTPs

    Data from Local System; Credentials in Files
  • Accesses cryptocurrency files/wallets, possible credential harvesting

    Tags

    TTPs

    Data from Local System; Credentials in Files
  • Checks installed software on the system

    Description

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    Tags

    TTPs

    Query Registry
  • Suspicious use of SetThreadContext

Related Tasks

MITRE ATT&CK Matrix

  • Command and Control
  • Credential Access
  • Defense Evasion
  • Discovery
  • Execution
  • Exfiltration
  • Impact
  • Initial Access
  • Lateral Movement
  • Persistence
  • Privilege Escalation

Tasks

static1

Score

N/A