General

  • Target

    635f338696b41acaeadbb8b1371009dcd33f0c5089e9587a8634c9fa9408e8dd.zip

  • Size

    51KB

  • Sample

    230328-mzj71aae62

  • MD5

    dd9286c2b1f8b4600d5ab8c468bf0e12

  • SHA1

    58a97d1a00f37e3ecbde8c1ed0b53329673c45d9

  • SHA256

    40e67e04a61b0ed4f035f3a4aad652f6af42360b1348c8826d48c59faa898801

  • SHA512

    be31ae415da8ccb0fd37f35a41cd296e46f321fc8c99dbef19ccc3cef7ebbc294cbe8caa527105fa027605ebd33d64649e040223ef7c5b991ca86203d7526ce4

  • SSDEEP

    768:BtG/l++VpIvJGxNH+Uh4/GJWmgUNx7he1s8CN6xorL20A6pf1EdtWTdjDNU:BM/o+yUU/ez7sNxCyLkeAxDNU

Malware Config

Extracted

  • Family

    redline

  • Botnet

    dent

  • C2

    193.233.20.33:4125

  • Attributes

    auth_value: e795368557f02e28e8aef6bcb279a3b0

Targets

    • Target

      635f338696b41acaeadbb8b1371009dcd33f0c5089e9587a8634c9fa9408e8dd

    • Size

      175KB

    • MD5

      eea2f89c390ed5eb2444dbb194fed5dd

    • SHA1

      f66a14925a2ed9575f48ad2294d2662cdaec4713

    • SHA256

      635f338696b41acaeadbb8b1371009dcd33f0c5089e9587a8634c9fa9408e8dd

    • SHA512

      4076f85b09f049c9b2bcc02927a6a10c046716e4a9acddf5a17b6958b6638a5fc6fd6b228804f140d9b4c88d9fffca33313b52fb1d9c2d4867842bca9c6002fb

    • SSDEEP

      3072:s9xqZWBJaHEDgXp5lCe159Eh4bxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOuwY:sHqZV7ljEh

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies, and other sensitive information.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks