Overview

overview

10

Static

static

3

InstallerS...IP.exe

windows7-x64

1

InstallerS...IP.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    InstallerSKl.rar

  • Size

    821KB

  • Sample

    230522-fmkjnsha2z

  • MD5

    e06270ff0394b5fe5635369761647075

  • SHA1

    990147dae75522b68c7bcd9f66c4ab6f0011ddd0

  • SHA256

    21d9448dbdd97d74e6024010a74b0652dd7841de5c0529c28ef563f649a8e777

  • SHA512

    411bfc846c2f16c03295db5277942a030a473826531680a0a58c952e4618ae99854a4acd4b08d6662e2e5083fd938648720eaa897eea6ac17b6769b713226758

  • SSDEEP

    12288:82IpCvaca2YubFR8l/ZCg1eHUxpvxGfiCO9FijzTlFKs2blkdExfDW9d:WMaFLubFCPIHU4fq0jzBFKFblkdExfg

Score
10/10
redlineinfostealerspyware

Malware Config

Targets

    • Target

      InstallerSKl/InstallersOSIP.exe

    • Size

      1023.0MB

    • MD5

      aefdb9cead572ed27bdbad5ac35a1b6b

    • SHA1

      91db918ee3a2983c9a9feabb12d35391a5ff65da

    • SHA256

      32611a6bd75666b1ace52253083c713a61a5f7562f700e5649d6fa9a46bec144

    • SHA512

      0206d654138c3a47c90b21a77aa143db177e0622f7cc753ffe7068baa6e2254f6ffb2d36069370ab3c51d8494530c60b2e451a6bbdd99f337ffcecb00fd6951b

    • SSDEEP

      12288:ioctx9C6SUMM9Q1IzFryXqme47HdqJbUp6tqFEGoiLVpwvxOgON0R6hxle+6J+Ap:iocpOsQupryamP7Hdq9tICGr/wvfUQn

    Score
    10/10
    redlineinfostealerspyware

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks