General

  • Target

    bce0266571c2c01220935f0a31371d5e.exe

  • Size

    430KB

  • Sample

    231019-2aenjsdh28

  • MD5

    bce0266571c2c01220935f0a31371d5e

  • SHA1

    5f8753ac718694020c1b7573238f2257dd1182ed

  • SHA256

    87706a432b18f8557a1e3c2c103a8347a5b88b74dd9a4d7d282d30d181c0f4a3

  • SHA512

    a40ef2d88d0b5ca9dab0136c8dfe666eb771b6c326f6c0dac61ad9c71978207c9ee2891f3a32751892ec3911d9f17d743d83d04bfe9e266c236a196b164fbdc6

  • SSDEEP

    6144:M3EVJ1l+THakB1jAOZxIjBwOBFe1Fsl8ealAYohO8RitilmLSoK:M3EVDlrSRZ4BFeAl8DLqgilmlK

Malware Config

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile data.

    • Accesses cryptocurrency files/wallets; possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Detected potential entity reuse from the brand Microsoft.

MITRE ATT&CK Enterprise v15

Tasks