redline | 0a2b7ec564796acc3d0785dc0d3d80d4f3e26e70ce32a6b1db19895cb03b32cd | Triage

Submit
Reports

Overview

overview

Static

static

59fa543ac7...1b.exe

windows7_x64

59fa543ac7...1b.exe

windows10_x64

Sharing

General

Target

59fa543ac741c1bdae35959c2f594d1b.exe
Size

405KB
Sample

210620-4knr942yex
MD5

59fa543ac741c1bdae35959c2f594d1b
SHA1

c0442edb9a706662798dd2da31def02d5af9e071
SHA256

0a2b7ec564796acc3d0785dc0d3d80d4f3e26e70ce32a6b1db19895cb03b32cd
SHA512

baa1cf77c1c2cc7a252bd5c830d76b29da0aacb92389665866eb87f3f20a062154caff2246a4beece9e4e747419adcb9965ac1d5b82dd9cfe81ff76ce49c067d

Score

10^/10

redline discovery infostealer spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

59fa543ac741c1bdae35959c2f594d1b.exe

Resource

win7v20210410

redline discovery infostealer spyware stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

59fa543ac741c1bdae35959c2f594d1b.exe

Resource

win10v20210410

redline discovery infostealer spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  59fa543ac741c1bdae35959c2f594d1b.exe
- Size
  
  405KB
- MD5
  
  59fa543ac741c1bdae35959c2f594d1b
- SHA1
  
  c0442edb9a706662798dd2da31def02d5af9e071
- SHA256
  
  0a2b7ec564796acc3d0785dc0d3d80d4f3e26e70ce32a6b1db19895cb03b32cd
- SHA512
  
  baa1cf77c1c2cc7a252bd5c830d76b29da0aacb92389665866eb87f3f20a062154caff2246a4beece9e4e747419adcb9965ac1d5b82dd9cfe81ff76ce49c067d
Score

10^/10

redline discovery infostealer spyware stealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

redlinediscoveryinfostealerspywarestealer

behavioral2

redlinediscoveryinfostealerspywarestealer

© 2018-2024

Terms | Privacy