ec7e312cc3794b8a5a9838a48bce5102d4b88b09b80b524dc7ca3bb164a9e352 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Redline Stealer Builder (Modified Variant).7z
Size

692KB
Sample

240711-r77eqa1cjp
MD5

f0ce60b7fa43a580e6bc2ceb1b4677e8
SHA1

14614ec143f792e22ad192c214ce4e7ecc97eef5
SHA256

ec7e312cc3794b8a5a9838a48bce5102d4b88b09b80b524dc7ca3bb164a9e352
SHA512

5e8013bec72c1640837736f6c77cca3fcb4923f4c43b7931a86ee01d18ef05406a50a5d8a4ad35afafa48e9bedafe0abaa6fdbe54f6e3f89b7a16c4bb6b96b58
SSDEEP

12288:mPNeNwzSce14ZpWv/18ImQcz6twYYYG4cfq6DPHSKrfV/mYFDbJUh8IqcbKrrnwB:y8NFN143WeImQ9alD/SWV/mYFDdMD+wB

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  RedLine_Clipper_Cracked.exe
- Size
  
  827KB
- MD5
  
  c45dd3b001aac16046e56cc0bed3c77c
- SHA1
  
  bd295f2699d32902a71b0480e0dc9b82ba6ea155
- SHA256
  
  d3ccc70fe10b2804c6d7978579645b0a04a0f7ad1f15776aefadc3f635156520
- SHA512
  
  bfdaf14c0f953a68948c6114014a3dfae12a6d3237b815ad2df08f48ffd90602b712d6131aab24c7c0a5ad49007ef958004291b68fe7140dc4cc8fb4fe94f9b5
- SSDEEP
  
  24576:nJlh9bDuaI53gOP3NV66jrVIpM9QdAPLqLdcBW:nJq+OP3NsukXdm+Rp
Score

7^/10

persistence
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2