General

  • Target

    file.exe

  • Size

    393KB

  • Sample

    230131-vj4kpsba8y

  • MD5

    e36f0dc59594d35fbec896966579fba0

  • SHA1

    da013ad9eb8f2e1eaa4c4017667dda2280719c02

  • SHA256

    49d194281c086f1c38423a4f96747a87bc06854185658015dc8378d40f940907

  • SHA512

    8ac452be0c21a9e3dd7c2af825c96e008f76f3a53342925efcc6c991246b2e941eb523e18e80e3c5338a3e7c7c7749f08127f2e049f252f82a59e43cddbc1d93

  • SSDEEP

    6144:D4/bLDgXu7J8yGeL6gPLlJDkN6iAk0hbX3VruJ1ybgmqMoIx8M:cDvQQJ5tlJ46imnVaJ1yjqM7

Malware Config

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks