General

  • Target

    09c4be56897be7d01a78f8136e738fb0783f30da4d640a0384fff68434764e74

  • Size

    726KB

  • Sample

    241113-n627ts1kew

  • MD5

    97ed8de2b68681e9e8269683438d9178

  • SHA1

    e3bb7435fb4dd4e46eb5846cd4e2dcc12ed3cc7a

  • SHA256

    09c4be56897be7d01a78f8136e738fb0783f30da4d640a0384fff68434764e74

  • SHA512

    b745d6ad3472c6b9c301d906ac4dd1ed6ecc1a1d40fcbe3640987f749459b6036c6b7fb2b86e15dd1c6239800dcb742e1d8c61a8cae69d9fedc1c55297f607cc

  • SSDEEP

    12288:xDKYDzqxpXBNt1BrivR0V4TBjgYxs1wl206gBawFV2ceSb0BQ/GfM/4QiAzojgJI:xDKY3qxp1NvXw

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive data.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
