General

  • Target

    82a8015153b510a493e4495ee227926e67b0aeb7c63dfdd5751691167161eaad

  • Size

    306KB

  • Sample

    240424-rkyt3abd6t

  • MD5

    a922a5250a62dd492fa2fdf2d55e9fb8

  • SHA1

    09b0571abc9c029ea777bc6576e363d9c6e99122

  • SHA256

    82a8015153b510a493e4495ee227926e67b0aeb7c63dfdd5751691167161eaad

  • SHA512

    a2118de3d8b916f1d007f9a5bb43c03ae17e8697d17e4a34fadbe660ef3c9ce2e75b6ed36145412b48c8c882b52d2cadf3fa560fdd90cddea617b54d9e033981

  • SSDEEP

    6144:/qY6irwP7YfmrYiJv7TAPAzdcZqf7DI/L:/nwPkiJvGAzdcUzs/

Malware Config

Extracted

Family

redline

Botnet

spoo

C2

103.113.70.99:2630
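The extracted config gives two things to hunt with: the file digests and the C2 endpoint. What follows is an added example, not part of the sandbox report, that wires them into a file-digest check and a scan of Zeek-style conn.log lines. The conn.log excerpt is constructed, and the "ip-only" confidence tier is this example's own convention: the port comes from this build's config, so a flow to the same host on a different port is worth a look but is not a verdict. A digest hit identifies this exact 306KB build only; a repacked RedLine build will not match any of the three hashes, which is why the behavioural signatures matter more than the hashes for coverage. SSDEEP comparison is not shown because it needs the non-standard ssdeep library.

```python
"""Digest and C2 checks built from the report's extracted config.
Added example; not part of the sandbox output."""
import hashlib
from typing import Dict, List, Tuple

# Values copied from the report.
FILE_IOCS: Dict[str, str] = {
    "md5": "a922a5250a62dd492fa2fdf2d55e9fb8",
    "sha1": "09b0571abc9c029ea777bc6576e363d9c6e99122",
    "sha256": "82a8015153b510a493e4495ee227926e67b0aeb7c63dfdd5751691167161eaad",
}
C2_HOST = "103.113.70.99"
C2_PORT = 2630


def digests(data: bytes) -> Dict[str, str]:
    """Compute the three digests the report lists for one in-memory file."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in FILE_IOCS}


def matching_algorithms(data: bytes) -> List[str]:
    """Names of the digests of `data` that equal the report's values.
    An empty list means the file is not this build."""
    d = digests(data)
    return [alg for alg, known in FILE_IOCS.items() if d[alg] == known]


def c2_hits(conn_log_lines: List[str]) -> List[Tuple[str, str, str]]:
    """Scan Zeek conn.log-style lines (tab-separated: ts, uid, id.orig_h,
    id.orig_p, id.resp_h, id.resp_p, proto) and return
    (ts, orig_h, confidence) for every flow to the C2 host.
    'high'    = host and port both match the extracted config.
    'ip-only' = same host, different port (example's own lower tier)."""
    hits = []
    for line in conn_log_lines:
        if not line or line.startswith("#"):
            continue
        fields = line.rstrip("\n").split("\t")
        if len(fields) < 7:
            continue
        ts, _uid, orig_h, _orig_p, resp_h, resp_p, _proto = fields[:7]
        if resp_h != C2_HOST:
            continue
        confidence = "high" if resp_p == str(C2_PORT) else "ip-only"
        hits.append((ts, orig_h, confidence))
    return hits


# Constructed conn.log excerpt (not real traffic): one benign flow, one flow
# to the configured C2 port, one to the same host on another port.
SAMPLE_CONN_LOG = [
    "#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto",
    "1713960001.1\tCaaa1\t10.0.0.5\t51000\t93.184.216.34\t443\ttcp",
    "1713960002.2\tCbbb2\t10.0.0.7\t51234\t103.113.70.99\t2630\ttcp",
    "1713960003.3\tCccc3\t10.0.0.9\t51300\t103.113.70.99\t8080\ttcp",
]

if __name__ == "__main__":
    print(matching_algorithms(b"not the sample"))  # []
    for hit in c2_hits(SAMPLE_CONN_LOG):
        print(hit)
```

To use the digest check on real files, read each candidate in binary mode and pass the bytes to `matching_algorithms`; to use the flow check, feed it the lines of a conn.log and triage "high" hits first.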

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Reads user/profile data of web browsers

      Infostealers target the data browsers keep in the user profile, such as saved logins, cookies and autofill form data.

    • Accesses cryptocurrency files/wallets, possible credential harvesting
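The two behavioural signatures above (browser profile data read, cryptocurrency wallet files accessed) are what survive a repack, so they are worth turning into a hunt. The following is an added example, not part of the report, that scores file-access events per process: a process other than the browser itself reading a browser credential store, or a process other than the wallet application touching a wallet file, is flagged, and a single process doing both (the combination the report describes) is raised to high severity. The event shape (`pid`, `image`, `path`) and the sample events are constructed. Sysmon does not log file reads, so this assumes EDR file-access telemetry; the path patterns and owner process names are the example's own list and will need extending for other browsers and wallets.

```python
"""Per-process hunt for browser credential-store and wallet-file access.
Added example; event shape and sample events are constructed."""
import re
from collections import defaultdict
from typing import Dict, Iterable, List

# (path regex, process expected to own the file). Matched case-insensitively;
# both slash styles are accepted.
BROWSER_STORES = [
    (r"google[\\/]chrome[\\/]user data[\\/].*[\\/](login data|web data|cookies)$", "chrome.exe"),
    (r"microsoft[\\/]edge[\\/]user data[\\/].*[\\/](login data|web data|cookies)$", "msedge.exe"),
    (r"mozilla[\\/]firefox[\\/]profiles[\\/].*[\\/](logins\.json|key4\.db|cookies\.sqlite)$", "firefox.exe"),
]
WALLET_STORES = [
    (r"[\\/]wallet\.dat$", "bitcoin-qt.exe"),          # Bitcoin Core style
    (r"[\\/]electrum[\\/]wallets[\\/]", "electrum.exe"),
    (r"[\\/]exodus\.wallet[\\/]", "exodus.exe"),
]


def _basename(image: str) -> str:
    return re.split(r"[\\/]", image)[-1].lower()


def hunt(events: Iterable[Dict[str, str]]) -> List[Dict]:
    """Return one finding per (pid, image) that touched a sensitive store it
    does not own. severity is 'high' when both store kinds were touched."""
    touched = defaultdict(lambda: {"browser": set(), "wallet": set()})
    for ev in events:
        image = _basename(ev["image"])
        path = ev["path"]
        key = (ev["pid"], image)
        for pattern, owner in BROWSER_STORES:
            if image != owner and re.search(pattern, path, re.IGNORECASE):
                touched[key]["browser"].add(path)
        for pattern, owner in WALLET_STORES:
            if image != owner and re.search(pattern, path, re.IGNORECASE):
                touched[key]["wallet"].add(path)
    findings = []
    for (pid, image), t in touched.items():
        severity = "high" if t["browser"] and t["wallet"] else "medium"
        findings.append({
            "pid": pid,
            "image": image,
            "browser": sorted(t["browser"]),
            "wallet": sorted(t["wallet"]),
            "severity": severity,
        })
    return sorted(findings, key=lambda f: f["pid"])


# Constructed events: the browser and wallet apps reading their own files
# (benign), an unknown binary from %TEMP% reading both kinds, and noise.
SAMPLE_EVENTS = [
    {"pid": "4120", "image": r"C:\Program Files\Google\Chrome\Application\chrome.exe",
     "path": r"C:\Users\alice\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
    {"pid": "5588", "image": r"C:\Users\alice\AppData\Local\Temp\build.exe",
     "path": r"C:\Users\alice\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
    {"pid": "5588", "image": r"C:\Users\alice\AppData\Local\Temp\build.exe",
     "path": r"C:\Users\alice\AppData\Roaming\Mozilla\Firefox\Profiles\abcd1234.default-release\logins.json"},
    {"pid": "5588", "image": r"C:\Users\alice\AppData\Local\Temp\build.exe",
     "path": r"C:\Users\alice\AppData\Roaming\Electrum\wallets\default_wallet"},
    {"pid": "6010", "image": r"C:\Program Files\Electrum\electrum.exe",
     "path": r"C:\Users\alice\AppData\Roaming\Electrum\wallets\default_wallet"},
    {"pid": "7001", "image": r"C:\Windows\System32\notepad.exe",
     "path": r"C:\Users\alice\Documents\notes.txt"},
]

if __name__ == "__main__":
    for finding in hunt(SAMPLE_EVENTS):
        print(finding)
```

Owner exclusions keep the browser and wallet applications themselves quiet; a real deployment would also want to exclude backup agents and the like, and to key on process ancestry once a hit is found, since the stealer is usually a freshly dropped binary rather than a long-lived process.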

MITRE ATT&CK Enterprise v15

Tasks