Overview

overview

10

Static

static

1

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    file.exe

  • Size

    349KB

  • Sample

    230216-zbt4hsbd61

  • MD5

    170bdbea99c02862621f2a306d5bcfc5

  • SHA1

    a7ff093a4a2421ee860d780b6f97d81263cf9abb

  • SHA256

    62bbbc76a94055cb8bf057876b5e1be76bfc9bd15c57c23c9e22cd0cc3d62827

  • SHA512

    9d55f36042d3de57ad99c955bb94123fce8e36187dea7ef2fc4bd60693012cd47d4013c3fa6fca5e4804d2ca40eefee305f90f134d54c3dee9abd6b830cbb6a4

  • SSDEEP

    6144:GtLinc//54Yns+uZzQ3LwWyTljlJeQtMpf+WM5frH7wLR:GtmngNnso3VyTplJnYmWMJb+

Score
10/10
redlinediscoveryinfostealerspywarestealer

Malware Config

Targets

    • Target

      file.exe

    • Size

      349KB

    • MD5

      170bdbea99c02862621f2a306d5bcfc5

    • SHA1

      a7ff093a4a2421ee860d780b6f97d81263cf9abb

    • SHA256

      62bbbc76a94055cb8bf057876b5e1be76bfc9bd15c57c23c9e22cd0cc3d62827

    • SHA512

      9d55f36042d3de57ad99c955bb94123fce8e36187dea7ef2fc4bd60693012cd47d4013c3fa6fca5e4804d2ca40eefee305f90f134d54c3dee9abd6b830cbb6a4

    • SSDEEP

      6144:GtLinc//54Yns+uZzQ3LwWyTljlJeQtMpf+WM5frH7wLR:GtmngNnso3VyTplJnYmWMJb+

    Score
    10/10
    redlinediscoveryinfostealerspywarestealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks