General

  • Target

    9ac2fd8de31398fa46fd92a858ef3462914ec79c980f14ee6e98a998e5e49bf7.zip

  • Size

    51KB

  • Sample

    230328-m9mqwacc7t

  • MD5

    924d82b1a578488c1e1c1f251c05ff13

  • SHA1

    d1abc35e2dedf2dfcb7af0224f3466e6960cf8d3

  • SHA256

    68d13ddddaca6529372cc3f4dbc4315c236dfad42727f6baa29515b5e5b3facc

  • SHA512

    e419e71dc77330776cb7e611dd8249cf0810beb768192673a50410390762529001d626f146b8febd6c547b7436160cf988acba8a4e3a43f3b75fb571cf2a1c92

  • SSDEEP

    1536:5OuTeTnE72ASTtQX6MZPDjAWi6t3qQVPwRyeMJRc:5JyTnE7HSiX6MZPDjAQZqQVPwRyZJ2

Malware Config

Extracted

Family

redline

Botnet

fort

C2

193.233.20.33:4125

Attributes

  • auth_value

    5ea5673154a804d8c80f565f7276f720

Targets

    • Target

      9ac2fd8de31398fa46fd92a858ef3462914ec79c980f14ee6e98a998e5e49bf7

    • Size

      175KB

    • MD5

      fc4b9ee67a5e2a5c15c976299ac4c8c5

    • SHA1

      1e451901e2d96e819d5b16560e8cd76f2e3029d8

    • SHA256

      9ac2fd8de31398fa46fd92a858ef3462914ec79c980f14ee6e98a998e5e49bf7

    • SHA512

      349fd3ecbd82e46132c0adaa736c3843099232be84e4eff6ced4f7be4fc1acddebbae57e16df63d437f8bb43765d44b004c2e3cec0942f5798410406b3878b28

    • SSDEEP

      3072:ExqZWjfa8oty3NhMkRq4MeV59kh4rxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jQ:aqZCNhM8h9kh

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile information.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks