Overview

overview

10

Static

static

Stumpers.exe

windows7_x64

10

Stumpers.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Stumpers.exe

  • Size

    389KB

  • Sample

    211024-gcagdsdbh6

  • MD5

    600a6843f8c555c0d54de21596daf2f5

  • SHA1

    0cb686583dacfa4d6e5e7309ad323b02df723c16

  • SHA256

    a059841f9de1c6f01abf02a6f111f871185ff8cfcbfb8a841bb2401164960fe8

  • SHA512

    3bc3ec7ebd5847c88a706cc8fa0b2d741bd2b1ec59de92611e0207791f764e8b29e2f47c391e3827e56c020931e1643ecf1e59939e35111b52fe0c2293ca792f

Score
10/10
redlinediscoveryinfostealerspywarestealer

Malware Config

Targets

    • Target

      Stumpers.exe

    • Size

      389KB

    • MD5

      600a6843f8c555c0d54de21596daf2f5

    • SHA1

      0cb686583dacfa4d6e5e7309ad323b02df723c16

    • SHA256

      a059841f9de1c6f01abf02a6f111f871185ff8cfcbfb8a841bb2401164960fe8

    • SHA512

      3bc3ec7ebd5847c88a706cc8fa0b2d741bd2b1ec59de92611e0207791f764e8b29e2f47c391e3827e56c020931e1643ecf1e59939e35111b52fe0c2293ca792f

    Score
    10/10
    redlinediscoveryinfostealerspywarestealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine Payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks