General

  • Target: file
  • Size: 390KB
  • Sample: 230205-w6s8xsad57
  • MD5: 3d015f5d62ae7f40a4d7aa2eefaab51f
  • SHA1: 37f460de07387f4ee22b91099be031c53aa3a7ab
  • SHA256: 0f1a8733e9f3c83999fc7188087dd0f1f8339c3c13f2df64b0ea8dbeb9b2df84
  • SHA512: 4589f5f6b53a404f704e083755f16a54ecfec4e3e09492e38a82fdb332a1bf7eaef4484c1286572f6463880b913092159385070cc7fe51fa4005ed9de51c2d61
  • SSDEEP: 6144:CP0WzdgL2/TuuQj9UiCmWm4Rg1FgB1fFlXZMemD/5ywLe+WEi:CP0Wzq6/ij+izRFgbF5ArvLPw

Malware Config

Targets

    • RedLine
      RedLine Stealer is a malware family written in C#, first appearing in early 2020.
    • RedLine payload
    • Reads user/profile data of web browsers
      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile data.
    • Checks installed software on the system
      Looks up Uninstall key entries in the registry to enumerate the software installed on the system.

MITRE ATT&CK Enterprise v6

Tasks