General

  • Target

    n9628571.exe

  • Size

    284KB

  • Sample

    230518-rhlfyscd23

  • MD5

    4e250c1c7c9d9f6414eeb68730682023

  • SHA1

    8444ed8b98e9d1923e7b98a5f10d6f1f374189c9

  • SHA256

    6de42677ba2aa3124ceaa23438c6045b65aafc5a1222c12c19cd9dc502f4633c

  • SHA512

    2c21f4795ed28d6430b010b669a692ddcd940358c9087affc30575330be1d7aa8b26d56d49163f55e05e0ebaf8ca9197124df76cb2a7d6c88eedd1376a7dd320

  • SSDEEP

    6144:FDKW1Lgbdl0TBBvjc/k/wqEWYqK0rVkt4lD:9h1Lk70TnvjcM/wqQAZkC

Malware Config

Targets

    • Target

      n9628571.exe

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive data.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks