General

  • Target

    Setupp.zip

  • Size

    132.8MB

  • Sample

    230917-1jrh2acg9x

  • MD5

    1b05efdd19f4f3f08225bc2329386a32

  • SHA1

    dac6df0393b94ff4872f231b4304e27d14ac3f4b

  • SHA256

    6ba0530cb54066d2ff66b8d57639542c2f6053f2e3e5cb69e051ab55eadb406f

  • SHA512

    bf5c74121bb82e73de691d256ff0adf0413499f7225d610e67abb703bef30b894cdded1fdc230fc145ae2d554e0b381a34f01e4905ebb7cf6b43bbd41ee3442b

  • SSDEEP

    3145728:qFChK0NJRkBk96UY4wtc1Tv+iq7vfaFBYNnljoJpwl14moVruNxRIIP8g:qFCK3Bz4wK9qbKBQljewEBANxP

Score
10/10

Malware Config

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15
