redline | 865ca01a0c270af79949d6250be9c5c563b044e8164aa6552c8b144c5a4122c3 | Triage

Submit
Reports

Overview

overview

Static

static

ca350c1389...67.exe

windows7_x64

ca350c1389...67.exe

windows10_x64

Sharing

General

Target

ca350c138932752f9bcad395fa494567.exe
Size

441KB
Sample

211023-g8bz4adbar
MD5

ca350c138932752f9bcad395fa494567
SHA1

33f44a9ac7f544e670978a5c0182caa2be3c7165
SHA256

865ca01a0c270af79949d6250be9c5c563b044e8164aa6552c8b144c5a4122c3
SHA512

7b196b2628bd6178f7b3031c7081cd7d40f53b77ea8823a1f504062ec18ec45b770189885f88f24ff7ded1a8abc88175f6ada60a163588fb66b5dcf639e3d0bd

Score

10^/10

redline discovery infostealer spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

ca350c138932752f9bcad395fa494567.exe

Resource

win7-en-20211014

redline discovery infostealer spyware stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

ca350c138932752f9bcad395fa494567.exe

Resource

win10-en-20210920

redline discovery infostealer spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  ca350c138932752f9bcad395fa494567.exe
- Size
  
  441KB
- MD5
  
  ca350c138932752f9bcad395fa494567
- SHA1
  
  33f44a9ac7f544e670978a5c0182caa2be3c7165
- SHA256
  
  865ca01a0c270af79949d6250be9c5c563b044e8164aa6552c8b144c5a4122c3
- SHA512
  
  7b196b2628bd6178f7b3031c7081cd7d40f53b77ea8823a1f504062ec18ec45b770189885f88f24ff7ded1a8abc88175f6ada60a163588fb66b5dcf639e3d0bd
Score

10^/10

redline discovery infostealer spyware stealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

redlinediscoveryinfostealerspywarestealer

behavioral2

redlinediscoveryinfostealerspywarestealer

© 2018-2024

Terms | Privacy