General

  • Target

    de8ebadd1cfd4ada473ad2be1f161cc4.exe

  • Size

    436KB

  • Sample

    231019-1w7e1sdg27

  • MD5

    de8ebadd1cfd4ada473ad2be1f161cc4

  • SHA1

    b8799952e444f5dad900279f0f3ce5d6f5e9a1d9

  • SHA256

    2b8416027771d98074103d1b3e795cb8f458d4b56c1f01c50bba0b9cc291de4f

  • SHA512

    e38d70218db8be14bac53a70c8a3009055665ccbdf3bd0aa5f33b56ea9bf2a354ca52ccd44c54e960a7d956ac05fa393ba6db5e1b1fdce83a9593b6a67fd40e2

  • SSDEEP

    6144:VA7lu4Pkk1MotFfIv653uj51eSN1ElLmAoH7t4GzQ2o/O0BDO4RNvCU9q:VA7Y4VFwSQPpGtnNvCU9q

Malware Config

Targets

    • Target

      de8ebadd1cfd4ada473ad2be1f161cc4.exe

    • Size

      436KB

    • MD5

      de8ebadd1cfd4ada473ad2be1f161cc4

    • SHA1

      b8799952e444f5dad900279f0f3ce5d6f5e9a1d9

    • SHA256

      2b8416027771d98074103d1b3e795cb8f458d4b56c1f01c50bba0b9cc291de4f

    • SHA512

      e38d70218db8be14bac53a70c8a3009055665ccbdf3bd0aa5f33b56ea9bf2a354ca52ccd44c54e960a7d956ac05fa393ba6db5e1b1fdce83a9593b6a67fd40e2

    • SSDEEP

      6144:VA7lu4Pkk1MotFfIv653uj51eSN1ElLmAoH7t4GzQ2o/O0BDO4RNvCU9q:VA7Y4VFwSQPpGtnNvCU9q

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Detected potential entity reuse from brand microsoft.

MITRE ATT&CK Enterprise v15

Tasks