General

  • Target

    file.exe

  • Size

    4.2MB

  • Sample

    221103-tfmx4scbd3

  • MD5

    e72291c3a221e8a195b6f445cb5b3367

  • SHA1

    f17ea7aae8d1c6af4399f543df2d9d3d57e62748

  • SHA256

    35914984b758d4dea8f6f8557f42b49a5ff64909a7a90fe3aea3f587ad8fd505

  • SHA512

    0234c3f71247dfb8f2be54b2a50bcffadb487c8e89a0e9d4ff86b0b9027b2d3146866d2cef48ddae5ae378612e239ca0bef45c390e7d4ee74cd982e1c99adc03

  • SSDEEP

    98304:wMfNsjsgnhRmdxJeoOXDxMhfgbjYUPCnjmRuF8bXR:PsAgnPKjyDx8f2YRlFm

Malware Config

Targets

    • Target

      file.exe

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other profile information.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks