General

  • Target

    01a2f455cbe0cc72c58c60acff46c5c5.bin

  • Size

    195KB

  • Sample

    240708-bcr4jsvcmq

  • MD5

    628a86a75088eef6d55b25c72c929a4e

  • SHA1

    d5ffc096f838b3b23b6a5adf7bba4beb58159d67

  • SHA256

    be5d94a3f9acf96172e53b626a7a97cbb7af06a9b48fabe089f5fbdd4f284f3d

  • SHA512

    2f04837665f72b50d8d5515e53f3b537a26449e5d6553314c04237b6241654cf96b0443ac93bcdf0ae1fb1ca337506be2e8772efc3a6b966f5db7ffec956f19a

  • SSDEEP

    6144:hn7CGZxSAFFV8Co2vL+nS1lvh6AgosOjpQ5p:Z7CGKAFz0WLLTJd+P5p

Malware Config

Targets

    • Target

      e8e12bc924dda41abbd2b38031b05a7c782e08bd6adccf4baaea3f44b6833462.exe

    • Size

      287KB

    • MD5

      01a2f455cbe0cc72c58c60acff46c5c5

    • SHA1

      7f447f7c8606725d3418f7f6b5c8a91ead0c246f

    • SHA256

      e8e12bc924dda41abbd2b38031b05a7c782e08bd6adccf4baaea3f44b6833462

    • SHA512

      31a09211f2d3275cb9ee4c0a6e7f814c1c9953fe73e27c46cec01c34b39b63096186c4009964e81c28f237d4384d7a3a67bc533f642a82c84f46fb3057b4c8f3

    • SSDEEP

      6144:X9XfhtAvOgPoSaZQAn6xYUshkNQZRBqeDZFIP:NX5yvTQSM6WUs6QZR8e9+

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks