General

  • Target: file.exe
  • Size: 302KB
  • Sample: 230213-keqg6sca34
  • MD5: a7af73b9e45a60351058f9ca3927d63b
  • SHA1: 2cbfc8670374bbe542f7cf09e69690045a528293
  • SHA256: d18ab230389f3443dc1eb30bf0ad8a542492548f6278a5ccb3e103abbd2876c2
  • SHA512: bde40c2ac2658836e358535d03ae4e858f82150ac7d8432fad6f89ec3a953084bbc3326ef697030b5618ff54557e69ac083151fad24eb5c1bdef65877adc3e3d
  • SSDEEP: 6144:6zfDe9xKU6zwhCMJ/NIJ1pkhYakpCNyEayAGxkW3ctO:8fD/rwhCM1uJ1pkFkptyLHcc

Malware Config

Targets

    • RedLine
      RedLine Stealer is a malware family written in C#, first appearing in early 2020.
    • RedLine payload
    • Reads user/profile data of web browsers
      Infostealers often target stored browser data, which can include saved credentials and other sensitive account information.
    • Checks installed software on the system
      Looks up Uninstall key entries in the registry to enumerate software installed on the system.

MITRE ATT&CK Enterprise v6

Tasks