Overview

overview

10

Static

static

1

n0des-downloader.exe

windows7-x64

10

n0des-downloader.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    n0des-downloader.exe

  • Size

    316KB

  • Sample

    230516-paay5shg3z

  • MD5

    c121fb3f802d3c2c2774d279a5b658d3

  • SHA1

    b809947028672f7840ab7eca77aeb7a29dddbc1b

  • SHA256

    b071131b4822c690af1cfe537a14e2bd0c6cbeb71d9088615f1b8bd4179efc62

  • SHA512

    2ac764237f3427bd3ecaa6af29ed544330c89266bac1aca766c0685219e4ae53638d72b293ac6d956af6299148cb8d7ed2aebdfe89b5c15593792efe8dc00141

  • SSDEEP

    6144:LymrEkZJ3gDuJc8zta2JV9JG2FBJhFuuqpMKfCtixM:Lymtv3guzI69JGeJnuXpDfxC

Score
10/10
redlineinfostealerspyware

Malware Config

Targets

    • Target

      n0des-downloader.exe

    • Size

      316KB

    • MD5

      c121fb3f802d3c2c2774d279a5b658d3

    • SHA1

      b809947028672f7840ab7eca77aeb7a29dddbc1b

    • SHA256

      b071131b4822c690af1cfe537a14e2bd0c6cbeb71d9088615f1b8bd4179efc62

    • SHA512

      2ac764237f3427bd3ecaa6af29ed544330c89266bac1aca766c0685219e4ae53638d72b293ac6d956af6299148cb8d7ed2aebdfe89b5c15593792efe8dc00141

    • SSDEEP

      6144:LymrEkZJ3gDuJc8zta2JV9JG2FBJhFuuqpMKfCtixM:Lymtv3guzI69JGeJnuXpDfxC

    Score
    10/10
    redlineinfostealerspyware

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks