Overview

overview

10

Static

static

3

file.exe

windows7-x64

file.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    file

  • Size

    407KB

  • Sample

    231011-nq7glscd2s

  • MD5

    3194a454fa2667884639bcecc24121bf

  • SHA1

    d809b9c8e1d95c466e02dd2ac4fc39ae2964c41d

  • SHA256

    a1cb52011f1d6e3e87b276524f2a047b5122607ddf8a5eedbcc0eeeab3e026cd

  • SHA512

    c5ce7b0e8b364effb7ec1c03e5e37e1bbca501bc27989c07954e53dc16414bbb3c7c9d7494aed26cf6afb7421a0aff7c4afaa66296ec2b98b75e810971345983

  • SSDEEP

    6144:dg2CwtcshqpGKOlOCxjAa9c+kIfBCInzwA7SsOi47VjxqQYT47h0s:F7cshVnxjB3BRnzwA7nOZ7GXRs

Score
10/10
redlinediscoveryinfostealerspywarestealer

Malware Config

Targets

    • Target

      file

    • Size

      407KB

    • MD5

      3194a454fa2667884639bcecc24121bf

    • SHA1

      d809b9c8e1d95c466e02dd2ac4fc39ae2964c41d

    • SHA256

      a1cb52011f1d6e3e87b276524f2a047b5122607ddf8a5eedbcc0eeeab3e026cd

    • SHA512

      c5ce7b0e8b364effb7ec1c03e5e37e1bbca501bc27989c07954e53dc16414bbb3c7c9d7494aed26cf6afb7421a0aff7c4afaa66296ec2b98b75e810971345983

    • SSDEEP

      6144:dg2CwtcshqpGKOlOCxjAa9c+kIfBCInzwA7SsOi47VjxqQYT47h0s:F7cshVnxjB3BRnzwA7nOZ7GXRs

    Score
    10/10
    redlinediscoveryinfostealerspywarestealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks