Overview

overview

10

Static

static

UNIAPT Launcher.exe

windows7-x64

10

UNIAPT Launcher.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    UNIAPT Launcher.exe

  • Size

    4.1MB

  • Sample

    221206-xlxw2sgf5z

  • MD5

    b6174655a6f8d89147b7a1f8ca50bea7

  • SHA1

    532f032933935b8acc856accb2e648e2c9a86b6c

  • SHA256

    9f20dcac19fb7fe1b341d073280ccd40ecb48b2abe2853c63e6caa0b332ed59a

  • SHA512

    8797edacac81507a262468cce3f3ef51e8d19efa3b2ead4a91977e0f21bbf9328cb2dc1d944f84ba2a6aada2a456d7c6e4e6d92c1e132773774e2eb811f802a2

  • SSDEEP

    98304:04G8n8I1ohmFCaRKfmBkR9RZ9BjB3A6k933:03IChHCkXNv3AR9

Score
10/10
redlinepureinfostealerspyware

Malware Config

Extracted

Family

redline

Botnet

pure

C2

79.137.199.206:45354

Attributes
  • auth_value

    8b46395e5b5a65e5013db82b3dfbcb69

Targets

    • Target

      UNIAPT Launcher.exe

    • Size

      4.1MB

    • MD5

      b6174655a6f8d89147b7a1f8ca50bea7

    • SHA1

      532f032933935b8acc856accb2e648e2c9a86b6c

    • SHA256

      9f20dcac19fb7fe1b341d073280ccd40ecb48b2abe2853c63e6caa0b332ed59a

    • SHA512

      8797edacac81507a262468cce3f3ef51e8d19efa3b2ead4a91977e0f21bbf9328cb2dc1d944f84ba2a6aada2a456d7c6e4e6d92c1e132773774e2eb811f802a2

    • SSDEEP

      98304:04G8n8I1ohmFCaRKfmBkR9RZ9BjB3A6k933:03IChHCkXNv3AR9

    Score
    10/10
    redlinepureinfostealerspyware

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

1
T1081

Discovery

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Impact

Tasks