Resubmissions

15/08/2023, 15:51

230815-tasw6sde7v 10

15/08/2023, 15:37

230815-s2lfqsbe45 10

General

  • Target

    Release.rar

  • Size

    5.5MB

  • Sample

    230815-s2lfqsbe45

  • MD5

    85ca3fa9fe555aca124f78f910238bcb

  • SHA1

    8959d8f873454c4a07e2741049fb36dd3ee6bce9

  • SHA256

    63546e8a10cbbed76df0be077e74886c89c56517eaf0330fd42a6fdd00277d51

  • SHA512

    ef60a0fda0748f83ba10ca1d683cc42038a152beb72c803c1f3b7249dcb73e31b0b9bd782577b2a81f411316d2ce0309f57ca9ea6226bf49926a2be80626d77c

  • SSDEEP

    98304:lzGKwSqUjGMtoKwos6Uy64XmPC31z7p4JAwE0Y3E58c54uP6QBT7+ck8sXSVASXB:lTvBVto2sw3mPMlFfwyE58c54uP6OT7f

Malware Config

Extracted

  • Language

    ps1

  • Source

    ps1.dropper

  • URLs

    https://rentry.org/u7esw/raw

Targets

    • Target

      Release.rar


    • Score

      3/10

    • Target

      Release/D3DX9_43.dll

    • Size

      2.3MB

    • MD5

      7160fc226391c0b50c85571fa1a546e5

    • SHA1

      2bf450850a522a09e8d1ce0f1e443d86d934f4ad

    • SHA256

      84b900dbd7fa978d6e0caee26fc54f2f61d92c9c75d10b35f00e3e82cd1d67b4

    • SHA512

      dfab0eaab8c40fb80369e150cd36ff2224f3a6baf713044f47182961cd501fe4222007f9a93753ac757f64513c707c68a5cf4ae914e23fecaa4656a68df8349b

    • SSDEEP

      49152:dbCJsk4VlPXA+15Om5wxw9Qsi55K+31BhZ64nW:YIIBnW

    • Score

      1/10

    • Target

      Release/Eternal.exe

    • Size

      72KB

    • MD5

      fdf93af04efb9e342caa7ec77a7c07a6

    • SHA1

      a04beb1da6ce00f3b321e94cbc3aec50043efad2

    • SHA256

      72e73f186d0d2bdac5f6ff5793904c94b6101090a507d0b60a26a2f93e21e646

    • SHA512

      b6a88de5459742ba43a34a6e51040962dfc6d724e0c74dd0eac86146a99aa05f73c7215b75cd62c4413ddad3ce29431a4a9213c51eb158c6b999dc4c88906f55

    • SSDEEP

      1536:CzdzzBFDzjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjj:CJzVZzjjjjjjjjjjjjjjjjjjjjjjjjjn

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Blocklisted process makes network request

    • Downloads MZ/PE file

    • Stops running service(s)

    • Executes dropped EXE

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks