Overview

overview

10

Static

static

1

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    file

  • Size

    318KB

  • Sample

    230521-b6arcsff92

  • MD5

    34c735aac13c12757a8e954f87f6852c

  • SHA1

    5d0c1b22263578abf5a9cf9f2b8327dd91dc3935

  • SHA256

    82b28da9dd8874b827052827a6a1214ec59689001373a71c9f7dfb8b3f56c3df

  • SHA512

    a20437e1f984ca5f1087c8f8e88fc53484b93910847f2c2c691421fd5fd3857832e44f5d204f43f228ce83585033dd9eac48948d9f4c574c06cdbebf112d6571

  • SSDEEP

    6144:ZPKnmlp1JPMWi7Q0VMxWwkTUI1LfXk0mTv:ZjlpHMWKQ0VgWwkTFXkd

Score
10/10
redlineinfostealerspyware

Malware Config

Targets

    • Target

      file

    • Size

      318KB

    • MD5

      34c735aac13c12757a8e954f87f6852c

    • SHA1

      5d0c1b22263578abf5a9cf9f2b8327dd91dc3935

    • SHA256

      82b28da9dd8874b827052827a6a1214ec59689001373a71c9f7dfb8b3f56c3df

    • SHA512

      a20437e1f984ca5f1087c8f8e88fc53484b93910847f2c2c691421fd5fd3857832e44f5d204f43f228ce83585033dd9eac48948d9f4c574c06cdbebf112d6571

    • SSDEEP

      6144:ZPKnmlp1JPMWi7Q0VMxWwkTUI1LfXk0mTv:ZjlpHMWKQ0VgWwkTFXkd

    Score
    10/10
    redlineinfostealerspyware

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks