General

  • Target

    39e90e4da4486f82c8ecd4b60671dfaf58c5ad7009aa5a0ed02823e399d1b692.zip

  • Size

    241KB

  • Sample

    230208-lwm9tahe3x

  • MD5

    9b17a19f7d2f9b82b0f0a0a2caa94fc2

  • SHA1

    2a040dc3537e04c2a38e8bbba671c281997b0b64

  • SHA256

    abc9b4b8d21791fe32bac72f634b22bae6a93de27225c0a1b425d5a09b0b75b1

  • SHA512

    a5e53a8a51df7f4573396f1becacc9beb0c8ee6f617a3d3622ebbfe7da5ddbf07adc4e829d4e49435c566e6c479c9e7d4243ece47766375e76c8bdb4942e499f

  • SSDEEP

    6144:624JiavJGltxHPO1IfWo1lhDrIgHTjOIhwO3o:Sx+f6ahlTJ3o

Targets

    • Target

      39e90e4da4486f82c8ecd4b60671dfaf58c5ad7009aa5a0ed02823e399d1b692.exe

    • Size

      301KB

    • MD5

      09028f821999ca87b9c54d7ea5eff807

    • SHA1

      54f59bff88d0bce74932812df1e4907e3c350821

    • SHA256

      39e90e4da4486f82c8ecd4b60671dfaf58c5ad7009aa5a0ed02823e399d1b692

    • SHA512

      490ea2a1e1817ea19f73d0b10e446e8869c883b099db4c60c6c53c38f05a6996ab98cbe7ab69ce7eee0a62314374de8efa8c7e97f59a523991b4588991456aa6

    • SSDEEP

      6144:kfotY3sLL0ExMxgEhgeGPDZFGjSrR0FgeFHIdeDitP+7Lfcugjn:kfot+sX0E2hgeGnGu0DnDsP+vfc

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and other sensitive information.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
