General

  • Target

    5a0fdb64c8a8341aea7dc257c77d841f.exe

  • Size

    339KB

  • Sample

    240707-ya8d3sxcjq

  • MD5

    5a0fdb64c8a8341aea7dc257c77d841f

  • SHA1

    09e4e601b09b80afbd7e8daf4508845a27ef1baa

  • SHA256

    94f4ff5cc87f68cd98072e0e738128b6357f0a2281892ab32909ee03b6a36a44

  • SHA512

    87b05e9c6407f0a5bbdca972c47331ca7b1aeaadf075d9f23f0ba186ddb47008d3c0d59d9aed4fc76b4f97a846701f35bd49be9541dbe71c13f19f4a1f960ba8

  • SSDEEP

    6144:q/+230RagEq1zIxzKCkaKzXc/+yjqBDcLow480tvDOZcKOsb:qX0RwxzKBXQ/+y+BIEw4dvDkJ

Malware Config

Targets

    • Target

      5a0fdb64c8a8341aea7dc257c77d841f.exe

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive information.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks