Overview

overview

7

Static

static

3

SecuriteIn...37.exe

windows7-x64

7

SecuriteIn...37.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    SecuriteInfo.com.Trojan.PWS.RedLineNET.6.22408.337.exe

  • Size

    14.0MB

  • Sample

    230823-nw95padd5s

  • MD5

    a71609fea0887e5261e10f323719ed19

  • SHA1

    405e439c837a15ca67d8ccf7a810ffb097173af4

  • SHA256

    59bd3b30ff0e9c2d1d335cb7cd8d305fa047e79cd0873b1a02936d9d999a35ff

  • SHA512

    2f75a1ce40e63dfdd7612501795a017bd98362f87b43ffabc142b9e3ad99f159ff97fbf3cf63e204fbd7a2c83d5e4fcb6eb06df92ed266562051fa2d22359c61

  • SSDEEP

    12288:Csxmdj2NtdggxR2FCLDNToj5taAtw6J4lmEDHJy1XiIopXQXZnOa33w6HVtIuClJ:HdhxR2FiNToj5IAH+y2a33w6EbjvxVC

Score
7/10

Malware Config

Targets

    • Target

      SecuriteInfo.com.Trojan.PWS.RedLineNET.6.22408.337.exe

    • Size

      14.0MB

    • MD5

      a71609fea0887e5261e10f323719ed19

    • SHA1

      405e439c837a15ca67d8ccf7a810ffb097173af4

    • SHA256

      59bd3b30ff0e9c2d1d335cb7cd8d305fa047e79cd0873b1a02936d9d999a35ff

    • SHA512

      2f75a1ce40e63dfdd7612501795a017bd98362f87b43ffabc142b9e3ad99f159ff97fbf3cf63e204fbd7a2c83d5e4fcb6eb06df92ed266562051fa2d22359c61

    • SSDEEP

      12288:Csxmdj2NtdggxR2FCLDNToj5taAtw6J4lmEDHJy1XiIopXQXZnOa33w6HVtIuClJ:HdhxR2FiNToj5IAH+y2a33w6EbjvxVC

    Score
    7/10

    • Uses the VBS compiler for execution

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Scripting

1
T1064

Persistence

Privilege Escalation

Defense Evasion

Scripting

1
T1064

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks