General

  • Target

    file.exe

  • Size

    417KB

  • Sample

    230519-mbxs7adc54

  • MD5

    c9f8bfac21ae6f00da524670c4ebc6f2

  • SHA1

    46bd75b36aabf4869228e71335f0c6ce06b16173

  • SHA256

    9893ec0e2902925018922ca40cc3495001dec4ccd32137cc13566c74bd1438e1

  • SHA512

    0ddbeae1292d1dedc6b5f99a9d7b82922fd46d4bbd02bf5f819aa42f630c736aab5a02988d67e981fef9e6e578c83ef767ef0bc47f9a1d9b16b857c223e73c2d

  • SSDEEP

    6144:z1NqjBg23Lr8fybt81TtW2KVAvu65EHBoR76JrnM93Tue:yjWMr8fy21hWt0R5EhoR7PDue

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and similar profile data.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
