88273d6853a74113616beb04d419eaae786646e358aa158d8f204890f385c779

General
Target

88273d6853a74113616beb04d419eaae786646e358aa158d8f204890f385c779

Size

416KB

Sample

220521-skprtshgh5

Score
10/10
MD5

3f9fa9eda535e8bbba665fb4466fd64d

SHA1

50737150378d24054642505217458cd33de9e36e

SHA256

88273d6853a74113616beb04d419eaae786646e358aa158d8f204890f385c779

SHA512

413d9a05088c3bcf4bb1dcea6e4f2e09c9f99c920dbba883ed0e8715694a8baaa1034a2ab7a77c50c679e1565fb2ea85931f85c5fec0eb6c64474c971a588772

Malware Config

Extracted

Family redline
Botnet RuzkiUNIKALNO
C2

193.233.48.58:38989

Attributes
auth_value
c504b04cfbdd4bf85ce6195bcb37fba6
Targets
Target

88273d6853a74113616beb04d419eaae786646e358aa158d8f204890f385c779

MD5

3f9fa9eda535e8bbba665fb4466fd64d

Filesize

416KB

Score
10/10
SHA1

50737150378d24054642505217458cd33de9e36e

SHA256

88273d6853a74113616beb04d419eaae786646e358aa158d8f204890f385c779

SHA512

413d9a05088c3bcf4bb1dcea6e4f2e09c9f99c920dbba883ed0e8715694a8baaa1034a2ab7a77c50c679e1565fb2ea85931f85c5fec0eb6c64474c971a588772

Signatures

  • RedLine

    Description

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

  • RedLine Payload

  • Reads user/profile data of web browsers

    Description

    Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    TTPs

    Data from Local System, Credentials in Files

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    TTPs

    Data from Local System, Credentials in Files

  • Checks installed software on the system

    Description

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    TTPs

    Query Registry

MITRE ATT&CK Matrix

    Command and Control
    Credential Access
    Defense Evasion
    Discovery
    Execution
    Exfiltration
    Impact
    Initial Access
    Lateral Movement
    Persistence
    Privilege Escalation