General

Target: 04875c48adccb44ffcb18af8ac581112.exe
Size: 377KB
Sample: 220427-q88thagca7
Score: 10/10
MD5: 04875c48adccb44ffcb18af8ac581112
SHA1: e83a38e661ef63de1ba879a1e22186a16d65c358
SHA256: 3cd108b7f88e3c35febc8858c5bfe4d3737d4b5596a0616d0ac259a5333c8b44
SHA512: 932393210b26e7b46c082b7bf441f7a2ad7e622b4cc596336a7733b80f408327a4da713edf9139bda8e98435575041e4e028e28c759a1d8e02bd5f7bac29f4fb

Malware Config

Extracted

Family: redline
Botnet: 1
C2: 77.232.36.171:31078

Attributes

auth_value: 9570c1130d94c3bb18e6065c4cf89298
Targets

Target: 04875c48adccb44ffcb18af8ac581112.exe
MD5: 04875c48adccb44ffcb18af8ac581112
Filesize: 377KB
Score: 10/10
SHA1: e83a38e661ef63de1ba879a1e22186a16d65c358
SHA256: 3cd108b7f88e3c35febc8858c5bfe4d3737d4b5596a0616d0ac259a5333c8b44
SHA512: 932393210b26e7b46c082b7bf441f7a2ad7e622b4cc596336a7733b80f408327a4da713edf9139bda8e98435575041e4e028e28c759a1d8e02bd5f7bac29f4fb

Signatures

  • RedLine

    Description

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

  • RedLine Payload

  • Reads user/profile data of web browsers

    Description

    Infostealers often target stored browser data, which can include saved credentials, cookies and autofill data.

    TTPs

    Data from Local System; Credentials in Files

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    TTPs

    Data from Local System; Credentials in Files

  • Adds Run key to start application

    TTPs

    Registry Run Keys / Startup Folder; Modify Registry

  • Checks installed software on the system

    Description

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    TTPs

    Query Registry

  • Legitimate hosting services abused for malware hosting/C2

    TTPs

    Web Service
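The indicators this report yields (the sample hashes, the extracted C2 77.232.36.171:31078, and the Run key persistence signature) are most useful when turned into a hunt over endpoint telemetry. The following is an added example, not part of the sandbox report or of any tooling it references: it matches those indicators against a handful of constructed Sysmon-style event records (EventID 1 ProcessCreate, 3 NetworkConnect, 13 RegistryValueSet). The field names follow Sysmon's conventions, but the events, the SID, the file paths and the 203.0.113.10 destination are all made up for illustration. The "user-writable path" heuristic used to separate the malicious Run value from a benign one is a choice made for this example, not something the report states. Sysmon does not record registry reads, so the Uninstall key enumeration in the "Checks installed software" signature is out of scope for this kind of log.

```python
import re
from dataclasses import dataclass

# Indicators copied from the report above.
SAMPLE_MD5 = "04875c48adccb44ffcb18af8ac581112"
SAMPLE_SHA256 = "3cd108b7f88e3c35febc8858c5bfe4d3737d4b5596a0616d0ac259a5333c8b44"
C2_IP = "77.232.36.171"
C2_PORT = 31078

# Persistence location named by the "Adds Run key to start application" signature.
RUN_KEY_RE = re.compile(
    r"\\Software\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?\\[^\\]+$", re.IGNORECASE
)
# Heuristic chosen for this example: a Run value pointing into a user-writable
# directory is treated as suspicious; one pointing into System32 or Program Files is not.
USER_WRITABLE_RE = re.compile(r"\\(AppData|Temp|Downloads|ProgramData)\\", re.IGNORECASE)


@dataclass(frozen=True)
class Finding:
    event_id: int
    rule: str
    image: str
    detail: str


def parse_hashes(field: str) -> dict:
    """Turn Sysmon's 'MD5=...,SHA256=...' Hashes field into {ALGO: lowercase hex}."""
    out = {}
    for part in field.split(","):
        if "=" in part:
            algo, val = part.split("=", 1)
            out[algo.strip().upper()] = val.strip().lower()
    return out


def check_event(ev: dict) -> list:
    """Return the findings a single event triggers (empty list if none)."""
    findings = []
    eid = int(ev.get("EventID", 0))
    image = ev.get("Image", "")
    if eid == 1:  # ProcessCreate: match the known sample by hash
        hashes = parse_hashes(ev.get("Hashes", ""))
        if hashes.get("SHA256") == SAMPLE_SHA256 or hashes.get("MD5") == SAMPLE_MD5:
            findings.append(Finding(eid, "known_redline_sample", image, ev.get("Hashes", "")))
    elif eid == 3:  # NetworkConnect: match the extracted C2 endpoint exactly
        if ev.get("DestinationIp") == C2_IP and int(ev.get("DestinationPort", 0)) == C2_PORT:
            findings.append(Finding(eid, "redline_c2_connection", image, f"{C2_IP}:{C2_PORT}"))
    elif eid == 13:  # RegistryValueSet: Run key value pointing to a user-writable path
        target = ev.get("TargetObject", "")
        details = ev.get("Details", "")
        if RUN_KEY_RE.search(target) and USER_WRITABLE_RE.search(details):
            findings.append(Finding(eid, "run_key_persistence_user_path", image, f"{target} -> {details}"))
    return findings


def hunt(events) -> list:
    """Run check_event over an iterable of event dicts and collect all findings."""
    findings = []
    for ev in events:
        findings.extend(check_event(ev))
    return findings


# Constructed events for the example; not real telemetry.
SAMPLE_IMAGE = r"C:\Users\victim\Downloads\04875c48adccb44ffcb18af8ac581112.exe"
CONSTRUCTED_EVENTS = [
    {"EventID": 1, "Image": SAMPLE_IMAGE,
     "Hashes": "MD5=04875C48ADCCB44FFCB18AF8AC581112,"
               "SHA256=3CD108B7F88E3C35FEBC8858C5BFE4D3737D4B5596A0616D0AC259A5333C8B44"},
    {"EventID": 3, "Image": SAMPLE_IMAGE, "Protocol": "tcp",
     "DestinationIp": "77.232.36.171", "DestinationPort": "31078"},
    {"EventID": 13, "Image": SAMPLE_IMAGE,
     "TargetObject": r"HKU\S-1-5-21-1111111111-2222222222-3333333333-1001"
                     r"\Software\Microsoft\Windows\CurrentVersion\Run\Updater",
     "Details": r"C:\Users\victim\AppData\Roaming\updater.exe"},
    # Benign noise: a browser talking to a documentation-range address on 443.
    {"EventID": 3, "Image": r"C:\Program Files\Mozilla Firefox\firefox.exe", "Protocol": "tcp",
     "DestinationIp": "203.0.113.10", "DestinationPort": "443"},
    # Benign noise: a Run value that points into System32, so the heuristic ignores it.
    {"EventID": 13, "Image": r"C:\Windows\System32\svchost.exe",
     "TargetObject": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SecurityHealth",
     "Details": r"C:\Windows\System32\SecurityHealthSystray.exe"},
]


if __name__ == "__main__":
    for f in hunt(CONSTRUCTED_EVENTS):
        print(f"EventID {f.event_id} [{f.rule}] {f.image}: {f.detail}")
```

Only the first three constructed events produce findings; the Firefox connection and the System32 Run value pass through untouched. In production the C2 match should be extended to cover the host:port pairs of every config extracted from related samples, and the Run key heuristic should be tuned against a baseline of the environment's legitimate autostart entries before it is used for alerting.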

Related Tasks

MITRE ATT&CK Matrix

Tactics: Command and Control, Credential Access, Defense Evasion, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Privilege Escalation

Tasks

static1: Score N/A
behavioral2: Score 7/10