General

  • Target

    ed73395d8b913ce4fa9d20c8aed3b568.bin

  • Size

    234KB

  • Sample

    230216-cfrgvsfc55

  • MD5

    57451970cdf8f16f79de6eb1410c508b

  • SHA1

    a33a117aca0580bbc1d01a36bb8e12d04aa065eb

  • SHA256

    712f0022b8e5ba1c772c5ce8e55382db925c16da70649ce2c4ef876e47a267cc

  • SHA512

    74f710b7a603caa3610ee86c471235b3d47ac50582e8153a463dcbda8c72edeef29400754472367f0ec41f0bd9ad44c66a459d59fb8083f8d81f78237586786e

  • SSDEEP

    3072:lPtUw53zqhzlEw+cozo/+XdAqeH7UWQR3k+syIDm/xksUz0q4D7hFgGwsPlK1EM4:ttz3zSyw+a0d2YWckbsvRfffUii8j9
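The digests above are the report's indicators for this sample; the script below is an added example, not part of the report, showing how to recompute them for a file, match them against the report's values and spot that the submitted .bin is named after the MD5 of the .exe listed under Targets. The IOC values are copied from this page; the stand-in blob hashed in the usage block is constructed and bears no relation to the real sample. SSDEEP is omitted because it needs a third-party module.

```python
import hashlib
import os
import re
import tempfile

# Digests copied from this report: the submitted .bin ("General") and the .exe it
# contains ("Targets"). SSDEEP is left out; it needs the third-party ssdeep module.
REPORT_IOCS = {
    "ed73395d8b913ce4fa9d20c8aed3b568.bin": {
        "md5": "57451970cdf8f16f79de6eb1410c508b",
        "sha1": "a33a117aca0580bbc1d01a36bb8e12d04aa065eb",
        "sha256": "712f0022b8e5ba1c772c5ce8e55382db925c16da70649ce2c4ef876e47a267cc",
    },
    "8a14a2521d97e93b3ef602d1e2f4017cedb303cbc102bcd19486e7ad5c0c5b74.exe": {
        "md5": "ed73395d8b913ce4fa9d20c8aed3b568",
        "sha1": "618ad505149e3aac845a62538970496ea7d8c937",
        "sha256": "8a14a2521d97e93b3ef602d1e2f4017cedb303cbc102bcd19486e7ad5c0c5b74",
    },
}

ALGORITHMS = ("md5", "sha1", "sha256", "sha512")


def hash_bytes(data: bytes) -> dict:
    """Compute the four digests the report lists, keyed by algorithm name."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in ALGORITHMS}


def hash_file(path: str, chunk_size: int = 1 << 20) -> dict:
    """Same digests, streamed from disk so large samples are not read into memory at once."""
    hashers = {alg: hashlib.new(alg) for alg in ALGORITHMS}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {alg: h.hexdigest() for alg, h in hashers.items()}


def match_iocs(digests: dict, iocs: dict = REPORT_IOCS) -> list:
    """Names of IOC entries whose every listed digest equals the computed one.

    Requiring all listed algorithms to agree means a typo in one line of a
    report cannot produce a false match on its own.
    """
    return [
        name
        for name, expected in iocs.items()
        if all(digests.get(alg) == value.lower() for alg, value in expected.items())
    ]


# Sandboxes often name submissions after a digest; recognise md5/sha1/sha256 stems.
HEX_NAME_RE = re.compile(r"^([0-9a-f]{32}|[0-9a-f]{40}|[0-9a-f]{64})\.[a-z0-9]+$")
ALG_BY_LENGTH = {32: "md5", 40: "sha1", 64: "sha256"}


def digest_in_filename(name: str):
    """Return (algorithm, hex) if the filename stem is a hex digest, else None."""
    m = HEX_NAME_RE.match(name.lower())
    return (ALG_BY_LENGTH[len(m.group(1))], m.group(1)) if m else None


def cross_reference(iocs: dict = REPORT_IOCS) -> dict:
    """Map each entry named after another entry's digest to that other entry."""
    links = {}
    for name in iocs:
        parsed = digest_in_filename(name)
        if parsed is None:
            continue
        alg, hexdigest = parsed
        for other, digests in iocs.items():
            if other != name and digests.get(alg) == hexdigest:
                links[name] = other
    return links


if __name__ == "__main__":
    # Constructed stand-in for a sample; the real files are not reproduced here.
    blob = b"MZ" + bytes(range(256)) * 4
    with tempfile.NamedTemporaryFile(delete=False) as tmp:
        tmp.write(blob)
    try:
        assert hash_file(tmp.name) == hash_bytes(blob)
        print("matches:", match_iocs(hash_file(tmp.name)) or "none")
        print("cross-references:", cross_reference())
    finally:
        os.unlink(tmp.name)
```

Run against a real file with `match_iocs(hash_file(path))`; `cross_reference()` reports that the .bin under General carries the MD5 of the .exe under Targets in its name, which is how the two entries of this report relate.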

Malware Config

Targets

    • Target

      8a14a2521d97e93b3ef602d1e2f4017cedb303cbc102bcd19486e7ad5c0c5b74.exe

    • Size

      288KB

    • MD5

      ed73395d8b913ce4fa9d20c8aed3b568

    • SHA1

      618ad505149e3aac845a62538970496ea7d8c937

    • SHA256

      8a14a2521d97e93b3ef602d1e2f4017cedb303cbc102bcd19486e7ad5c0c5b74

    • SHA512

      13c4f70b6ec8882ec9c2222cc6aa3ebe37b0875dfb3b483d1b29fbc72aa9ea379a127eeeaf1e896cad227dcf1ae3e0af4db99c3e7fc4789bc2ff1cfc4f7c1722

    • SSDEEP

      6144:iLiInwov5mOXJJ37iyOrxl+KLXeET4s0J1ZeAaVdpk7K:iOInw0mO5pJOX5LXemhsBapk7

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Reads user/profile data of web browsers

      Infostealers commonly harvest the data browsers store on disk, such as saved credentials, cookies and form autofill entries.

    • Checks installed software on the system

      Enumerates the subkeys of the registry Uninstall key (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall and its WOW6432Node counterpart) to build a list of installed software on the system.
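The two behaviours flagged above, reading browser profile data and walking the registry Uninstall key, are the kind of thing endpoint telemetry can be hunted for. The script below is an added example, not part of the report or of the RedLine analysis: it runs simple detection logic over constructed process-activity records in a made-up `pid|image|operation|object` format (real sensors such as Sysmon or registry/file auditing have their own schemas), flagging a process that queries several distinct product subkeys under an Uninstall key and a non-browser process that reads a browser credential or cookie store. The stealer's image name is the report's target filename; the pids, paths and registry entries are constructed.

```python
import re
from collections import defaultdict
from ntpath import basename

# Registry keys a Windows installer registers its product under. Both the native
# and the 32-bit (WOW6432Node) views and the per-user HKCU key are covered.
UNINSTALL_RE = re.compile(
    r"^HK(?:LM|CU)\\SOFTWARE\\(?:WOW6432Node\\)?Microsoft\\Windows\\CurrentVersion\\Uninstall\\([^\\]+)",
    re.IGNORECASE,
)
# Credential and cookie stores of Chromium-based browsers and Firefox.
BROWSER_STORES = {"login data", "cookies", "web data", "logins.json", "key4.db"}
# Processes that legitimately read those stores.
BROWSER_IMAGES = {"chrome.exe", "msedge.exe", "brave.exe", "opera.exe", "firefox.exe"}

# Constructed telemetry, not from the report: "pid|image|operation|object" per line.
# The stealer's image name is the report's target filename; pids and paths are made up.
STEALER = r"C:\Users\user\Desktop\8a14a2521d97e93b3ef602d1e2f4017cedb303cbc102bcd19486e7ad5c0c5b74.exe"
UNINSTALL = r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"
SAMPLE_EVENTS = "\n".join([
    "4120|" + STEALER + "|RegOpenKey|" + UNINSTALL,
    "4120|" + STEALER + "|RegQueryValue|" + UNINSTALL + r"\7-Zip\DisplayName",
    "4120|" + STEALER + "|RegQueryValue|" + UNINSTALL + r"\Notepad++\DisplayName",
    "4120|" + STEALER + r"|RegQueryValue|HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B1F3E0B0-0000-4000-8000-000000000001}\DisplayVersion",
    "4120|" + STEALER + r"|FileRead|C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data",
    "4120|" + STEALER + r"|FileRead|C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies",
    r"880|C:\Windows\System32\svchost.exe|RegQueryValue|" + UNINSTALL + r"\7-Zip\DisplayName",
    r"2214|C:\Program Files\Google\Chrome\Application\chrome.exe|FileRead|C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data",
])


def parse_events(text: str) -> list:
    """Parse the pipe-separated telemetry into dicts; blank lines are skipped."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        pid, image, op, obj = line.split("|", 3)
        events.append({"pid": int(pid), "image": image, "op": op, "object": obj})
    return events


def detect(events: list, min_uninstall_entries: int = 3) -> dict:
    """Return {pid: set(findings)} for processes showing either behaviour.

    software_enumeration: the process touched at least min_uninstall_entries
    distinct product subkeys under an Uninstall key (one lookup is normal for
    an installer or updater; walking the whole key is inventory-taking).
    browser_data_access: a process that is not itself a browser read a browser
    credential or cookie store.
    """
    uninstall_entries = defaultdict(set)
    browser_reads = defaultdict(set)
    for ev in events:
        m = UNINSTALL_RE.match(ev["object"])
        if m:
            uninstall_entries[ev["pid"]].add(m.group(1).lower())
        if (
            basename(ev["object"]).lower() in BROWSER_STORES
            and basename(ev["image"]).lower() not in BROWSER_IMAGES
        ):
            browser_reads[ev["pid"]].add(ev["object"])
    findings = defaultdict(set)
    for pid, entries in uninstall_entries.items():
        if len(entries) >= min_uninstall_entries:
            findings[pid].add("software_enumeration")
    for pid in browser_reads:
        findings[pid].add("browser_data_access")
    return dict(findings)


if __name__ == "__main__":
    for pid, hits in sorted(detect(parse_events(SAMPLE_EVENTS)).items()):
        print(pid, sorted(hits))
```

The threshold on distinct Uninstall subkeys is what separates a stealer taking inventory from a service that checks whether one product is present (the svchost.exe line); the image allow-list is what keeps the browser's own reads of `Login Data` out of the results. Tune both to the environment before using the logic on real telemetry.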

MITRE ATT&CK Enterprise v6

Tasks