General

  • Target: 2c29a46c787d902eb8dc996bff9dd5f55d28c9a069f4cf418c39a7aa3760a0ce.zip
  • Size: 51KB
  • Sample: 230328-nkxefscd2t
  • MD5: aaeb0f811c62cbf8e56d50051917b723
  • SHA1: 510e2fe984e916b9e0d67205cc39e105786c4a8f
  • SHA256: 9bf8a47a4bc8b332ec8bb2e20a7d96b80b26544a65f7d7719e726bff90b60d9b
  • SHA512: e1844e1109a5e1a15ae69d5bc49f19c63756e5c415440b8477a377ae2dfe8968f719a9473287b27f4819695aa6913808798cfbbb9334d328e49ade1a709771c9
  • SSDEEP: 768:/tG/l++VpIvJGxNH+Uh4/GJWmgUNx7he1s8CN6xorL20A6pf1EdtWTdjDNR:/M/o+yUU/ez7sNxCyLkeAxDNR

Malware Config

Extracted

  • Family: redline
  • Botnet: dent
  • C2: 193.233.20.33:4125
  • Attributes
      • auth_value: e795368557f02e28e8aef6bcb279a3b0

Targets

    • Target: 2c29a46c787d902eb8dc996bff9dd5f55d28c9a069f4cf418c39a7aa3760a0ce
    • Size: 175KB
    • MD5: aaf761941601ac896df6bd5cf602f70f
    • SHA1: b9763ba75f75d75d338d1e72b8a8eab1e18bf06d
    • SHA256: 2c29a46c787d902eb8dc996bff9dd5f55d28c9a069f4cf418c39a7aa3760a0ce
    • SHA512: 5552ff3370d9413779432d94f3125900f55e868f2695893d5a1fe418733a1d0e311d39f8dc3070e8fa72fab54305bb7f21da53e92b1e5389d5c07d14bed5bced
    • SSDEEP: 3072:s9xqZWBJaHEDgXp5lCe159Eh4bxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOuwY:sHqZV7ljEh

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
