General

  • Target

    06f49c26163af6ccef24778065b06a7b.exe

  • Size

    136KB

  • Sample

    230526-xbrbhsgg27

  • MD5

    06f49c26163af6ccef24778065b06a7b

  • SHA1

    daa9b25daaa69178a9028fdbe33797577a447039

  • SHA256

    61aedb263020f4abacca1130ecda6f04eb7e99f838ccd0955a6fa2930379aa1c

  • SHA512

    1a88db32021a6949a929a352b590a51cfdfb8742de88cd446c718bbf7241ce7af455f15150ad943d35728347ac1a56d50ee6505e75c1ecb190f792440d95782e

  • SSDEEP

    1536:CKiTAbFbppdeKoQuwdwpq9JWLwh4j5nbVBhVdFvHPsYgibfbFDKsRu:CBAbFbppGV0F4dbb/dFvHUYgafJlu

Targets

    • Target

      06f49c26163af6ccef24778065b06a7b.exe

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and other session material.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
