Overview

overview

10

Static

static

1

Setup.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Setup.exe

  • Size

    4.4MB

  • Sample

    230913-qmmddacb4s

  • MD5

    4f31c6d06b709d02171faa87661b8643

  • SHA1

    2e1009ccca971cd0041b149314b11c2ac6522732

  • SHA256

    52a739dd0e8220be711b3938accc43e9236672b993a3ca486bf73adbeaf1c063

  • SHA512

    2fb7f560479f3c7ea95b440ad3b3428f78334361f8e9ccc4275d0f1d5bdf01cc13e6255173bf1e1eacbc89da1ba0f8cce6cf3739b35ec5ecc01f97d147a00208

  • SSDEEP

    49152:BqrfmDZ6Pfb+j93RxDThWSK/ZdwdWdZfX/fc/2eIxJZJlLR2BQ6pHUivTqTZB0zQ:Bqu6PkduB/i2ecR2BQJims2D

Score
10/10
redlineinfostealerspyware

Malware Config

Targets

    • Target

      Setup.exe

    • Size

      4.4MB

    • MD5

      4f31c6d06b709d02171faa87661b8643

    • SHA1

      2e1009ccca971cd0041b149314b11c2ac6522732

    • SHA256

      52a739dd0e8220be711b3938accc43e9236672b993a3ca486bf73adbeaf1c063

    • SHA512

      2fb7f560479f3c7ea95b440ad3b3428f78334361f8e9ccc4275d0f1d5bdf01cc13e6255173bf1e1eacbc89da1ba0f8cce6cf3739b35ec5ecc01f97d147a00208

    • SSDEEP

      49152:BqrfmDZ6Pfb+j93RxDThWSK/ZdwdWdZfX/fc/2eIxJZJlLR2BQ6pHUivTqTZB0zQ:Bqu6PkduB/i2ecR2BQJims2D

    Score
    10/10
    redlineinfostealerspyware

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks