Overview

overview

10

Static

static

3

NEAS.Secur...JC.exe

windows7-x64

10

NEAS.Secur...JC.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    NEAS.SecuriteInfocomWin32TrojanPSE21EV881674519460exe_JC.exe

  • Size

    425KB

  • Sample

    231008-tjgv9sdh9v

  • MD5

    9cad4182d25b774ed3d69305a84f0d14

  • SHA1

    4cffee5301b04894df53c50b54684e24619d7dd2

  • SHA256

    b15e8f35b848a0cb272a4d480235baec025dab7887409c0551ba810e3a15f7fd

  • SHA512

    565100515fb2a0af94bbb5abdfa3c486492c03650d622df57ea52a7fb63411664e6a9f4b5d5abfc19a5d859a9d109369da608733553f039905a2ddcf9f7063f2

  • SSDEEP

    6144:hJoZaCmR6LXtdAg0BtU6DMHtJ5j/X/c0oa337gADC:hCm6mDMFf/E7A

Score
10/10
redlinemicrosoftdiscoveryinfostealerphishingspywarestealer

Malware Config

Targets

    • Target

      NEAS.SecuriteInfocomWin32TrojanPSE21EV881674519460exe_JC.exe

    • Size

      425KB

    • MD5

      9cad4182d25b774ed3d69305a84f0d14

    • SHA1

      4cffee5301b04894df53c50b54684e24619d7dd2

    • SHA256

      b15e8f35b848a0cb272a4d480235baec025dab7887409c0551ba810e3a15f7fd

    • SHA512

      565100515fb2a0af94bbb5abdfa3c486492c03650d622df57ea52a7fb63411664e6a9f4b5d5abfc19a5d859a9d109369da608733553f039905a2ddcf9f7063f2

    • SSDEEP

      6144:hJoZaCmR6LXtdAg0BtU6DMHtJ5j/X/c0oa337gADC:hCm6mDMFf/E7A

    Score
    10/10
    redlinediscoveryinfostealerspywarestealermicrosoftphishing

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Detected potential entity reuse from brand microsoft.

      phishingmicrosoft
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks