Overview

overview

10

Static

static

3

074f10e317...aa.exe

windows7-x64

10

074f10e317...aa.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    074f10e3171398d417f88386376174aa

  • Size

    215KB

  • Sample

    230609-k4vhesbg34

  • MD5

    074f10e3171398d417f88386376174aa

  • SHA1

    3b74a2774ea976fb176bad99342530a68230c8c0

  • SHA256

    facefae11fd0db592cea87e2b45617052c35740735fa4f11be38fb54dce3f077

  • SHA512

    2412d1e0925a6531733748394d8bc05c3e5f30eb5b1c860c96cd30063f3fc45521535eb8379add23a031f74a0b65c0da33e5d674297a25fa61a91fd4222a18d6

  • SSDEEP

    3072:D+fIudvB/4u9x4gEWUHjmy+u33264nykAsWH2swsgr1HnZzjpMe+8Ti:1qp/zP4BSyG64nykAsc2sVghoe+8Ti

Score
10/10
redlineinfostealerspyware

Malware Config

Targets

    • Target

      074f10e3171398d417f88386376174aa

    • Size

      215KB

    • MD5

      074f10e3171398d417f88386376174aa

    • SHA1

      3b74a2774ea976fb176bad99342530a68230c8c0

    • SHA256

      facefae11fd0db592cea87e2b45617052c35740735fa4f11be38fb54dce3f077

    • SHA512

      2412d1e0925a6531733748394d8bc05c3e5f30eb5b1c860c96cd30063f3fc45521535eb8379add23a031f74a0b65c0da33e5d674297a25fa61a91fd4222a18d6

    • SSDEEP

      3072:D+fIudvB/4u9x4gEWUHjmy+u33264nykAsWH2swsgr1HnZzjpMe+8Ti:1qp/zP4BSyG64nykAsc2sVghoe+8Ti

    Score
    10/10
    redlineinfostealerspyware

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Uses the VBS compiler for execution

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks