General

  • Target

    d680bba3d9207b75f696767d029439b4.bin

  • Size

    269KB

  • Sample

    230328-czw7fsad6w

  • MD5

    a9b5bb6ef361cc7742659c33d72ae774

  • SHA1

    31bdb76cbd45b47de95af77122ca3977a71f07b8

  • SHA256

    ee733786c84ac839bc1918a9d77d23a302b3d69d6de6535ab783307f4414a614

  • SHA512

    8bb6f0f291e1d903a50c3d34300938a961536bab6da7be4a1bf2af481aa2ec056a88b57c133e0372f6dca0e565d2bf61a3013fb252dec49473ee57b1c4cc1c01

  • SSDEEP

    6144:tg+GCryBAjdmj7I0sKb8rqjFxFySXBODyspXs2izSrGzG2/3SrE:tg+GCrySjdmvwG/jZcFpX1mSSGsiE

Malware Config

Extracted

Family

redline

Botnet

@chicago

C2

185.11.61.125:22344

Attributes
  • auth_value

    21f863e0cbd09d0681058e068d0d1d7f
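The extracted config above gives an analyst two kinds of indicator: the C2 socket (185.11.61.125:22344) and the file hashes of the dropper and its payload. The following is an added example, not code from the sandbox report or from RedLine, that turns those values into a matcher over constructed Zeek conn.log lines and a file-hash inventory, and emits a Suricata rule for the exact host:port. The log lines, file paths and the local SID range are assumptions made for the example.

```python
"""Match the RedLine indicators from the report above against network and
file data. Added example; the log lines and inventory below are constructed."""

# Indicators copied from the extracted config and the hash tables above.
C2_HOST = "185.11.61.125"
C2_PORT = 22344
SAMPLE_SHA256 = {
    "ee733786c84ac839bc1918a9d77d23a302b3d69d6de6535ab783307f4414a614":
        "d680bba3d9207b75f696767d029439b4.bin",
    "7aaf04040e8a288cdda12125c8e8c601220ec6480bba4822a136f4095c37a4ba":
        "7aaf04040e8a288cdda12125c8e8c601220ec6480bba4822a136f4095c37a4ba.exe",
}

# Subset of Zeek conn.log columns, tab separated, in this order (assumption).
CONN_FIELDS = ["ts", "uid", "id.orig_h", "id.orig_p", "id.resp_h", "id.resp_p", "proto"]

# Constructed conn.log lines: one benign HTTPS flow, one exact C2 hit, one to the
# C2 host on another port, one to a neighbouring address that must not match.
SAMPLE_CONN_LOG = "\n".join([
    "1679999000.1\tCabc1\t10.0.0.5\t49152\t142.250.74.46\t443\ttcp",
    "1679999001.2\tCabc2\t10.0.0.5\t49153\t185.11.61.125\t22344\ttcp",
    "1679999002.3\tCabc3\t10.0.0.9\t49154\t185.11.61.125\t443\ttcp",
    "1679999003.4\tCabc4\t10.0.0.9\t49155\t185.11.61.126\t22344\ttcp",
])


def parse_conn_log(text):
    """Parse tab-separated conn.log records into dicts, skipping '#' header lines."""
    rows = []
    for line in text.splitlines():
        if not line or line.startswith("#"):
            continue
        rows.append(dict(zip(CONN_FIELDS, line.split("\t"))))
    return rows


def match_c2(rows):
    """Return (uid, orig_h, confidence) for every flow to the C2 address.
    Exact host:port is 'high'; the same host on another port is 'medium' so an
    analyst still reviews it (the port is the part of a config that changes most
    easily between builds)."""
    hits = []
    for r in rows:
        if r["id.resp_h"] != C2_HOST:
            continue
        confidence = "high" if int(r["id.resp_p"]) == C2_PORT else "medium"
        hits.append((r["uid"], r["id.orig_h"], confidence))
    return hits


def match_hashes(inventory):
    """inventory maps file path -> SHA256 (any case); returns {path: report name}
    for files whose hash is one of the samples above."""
    return {
        path: SAMPLE_SHA256[digest.lower()]
        for path, digest in inventory.items()
        if digest.lower() in SAMPLE_SHA256
    }


def suricata_rule(sid=1000001):
    """Suricata rule for the exact C2 socket. The SID is in the local-rules
    range, an assumption for the example."""
    return (
        f"alert tcp $HOME_NET any -> {C2_HOST} {C2_PORT} "
        f'(msg:"RedLine C2 botnet @chicago"; flow:to_server,established; '
        f"sid:{sid}; rev:1;)"
    )


if __name__ == "__main__":
    for hit in match_c2(parse_conn_log(SAMPLE_CONN_LOG)):
        print("C2 flow:", hit)
    print(suricata_rule())
```

The medium-confidence branch is deliberate: blocking only on host:port misses a rebuilt sample that keeps the same panel on a different port, while matching on the host alone is what you want to review rather than auto-block.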

Targets

    • Target

      7aaf04040e8a288cdda12125c8e8c601220ec6480bba4822a136f4095c37a4ba.exe

    • Size

      380KB

    • MD5

      d680bba3d9207b75f696767d029439b4

    • SHA1

      8e21bda97791d6ce539c36bedee296467a42eeba

    • SHA256

      7aaf04040e8a288cdda12125c8e8c601220ec6480bba4822a136f4095c37a4ba

    • SHA512

      243e036d2c9bf1f844571ee85c5bb8f3c89d6bf3299baf8be7b53afa5d078e8780fe2e5db5c5fb3eb549b259b903436c5ba95dc680ce2fe9753f26b29c4df87d

    • SSDEEP

      6144:rGbKYa3qCQvmWzgMWc2L/555sOqc8igD+D0+clP96FOc/VUNN4T:rGbKR3qFO4Wc2tIcDgLEUN

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and autofill data.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall and its WOW6432Node and HKCU counterparts) to enumerate software on the system.
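A single read of an Uninstall subkey is normal for installers and inventory agents; what distinguishes the behaviour the signature above describes is one process walking DisplayName across many subkeys. The following is an added example, not code from the report or from RedLine, that applies that heuristic to a constructed Procmon CSV export (the column names are those Procmon writes; the process names, PIDs and registry entries are made up for the example). Sysmon's registry events cover key creation and value writes, not reads, so this needs Procmon or a registry ETW feed rather than Sysmon.

```python
"""Flag processes that enumerate the registry Uninstall keys, run over
constructed Procmon CSV lines. Added example, not from the report or RedLine."""
import csv
import io
import re
from collections import defaultdict

# DisplayName reads under any Uninstall location: HKLM, HKLM\...\WOW6432Node, HKCU.
UNINSTALL_RE = re.compile(
    r"\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\([^\\]+)\\DisplayName$",
    re.IGNORECASE,
)

# Constructed Procmon export. setup.exe reads one entry (benign); sample.exe
# opens the key and walks DisplayName across four subkeys in three hives.
SAMPLE_PROCMON_CSV = r'''"Time of Day","Process Name","PID","Operation","Path","Result","Detail"
"10:01:00.0000001","setup.exe","1200","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AAA}\DisplayName","SUCCESS","Type: REG_SZ, Length: 10, Data: Tool"
"10:01:01.0000001","sample.exe","4412","RegOpenKey","HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall","SUCCESS","Desired Access: Read"
"10:01:01.0000002","sample.exe","4412","RegEnumKey","HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall","SUCCESS","Index: 0, Name: {AAA}"
"10:01:01.0000003","sample.exe","4412","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AAA}\DisplayName","SUCCESS","Type: REG_SZ, Length: 10, Data: Tool"
"10:01:01.0000004","sample.exe","4412","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BBB}\DisplayName","NAME NOT FOUND","Length: 144"
"10:01:01.0000005","sample.exe","4412","RegQueryValue","HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip\DisplayName","SUCCESS","Type: REG_SZ, Length: 12, Data: 7-Zip"
"10:01:01.0000006","sample.exe","4412","RegQueryValue","HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome\DisplayName","SUCCESS","Type: REG_SZ, Length: 28, Data: Google Chrome"
"10:01:02.0000001","sample.exe","4412","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AAA}\DisplayVersion","SUCCESS","Type: REG_SZ, Length: 8, Data: 1.0"
'''


def detect_uninstall_enumeration(csv_text, min_subkeys=3):
    """Return {(process, pid): sorted subkey names} for processes whose
    DisplayName queries span at least min_subkeys distinct Uninstall subkeys.
    The Result column is ignored on purpose: a query for a DisplayName that
    does not exist is still an enumeration attempt."""
    seen = defaultdict(set)
    for row in csv.DictReader(io.StringIO(csv_text)):
        if row["Operation"] != "RegQueryValue":
            continue
        match = UNINSTALL_RE.search(row["Path"])
        if match:
            seen[(row["Process Name"], int(row["PID"]))].add(match.group(1))
    return {proc: sorted(keys) for proc, keys in seen.items() if len(keys) >= min_subkeys}


if __name__ == "__main__":
    for (name, pid), keys in detect_uninstall_enumeration(SAMPLE_PROCMON_CSV).items():
        print(f"{name} (PID {pid}) enumerated {len(keys)} Uninstall entries: {keys}")
```

The threshold of three distinct subkeys is a starting point; tune it against a baseline of your own inventory and update agents, which legitimately read the same keys.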
