ioc[.]one - OSINT Cyber Threat Intelligence Database

RedLine Stealer spreading through OneNote - K7 Labs

Tags

attack-pattern:

Data Hardware - T1592.001 Malware - T1587.001 Malware - T1588.001 Powershell - T1059.001 Software - T1592.002 Powershell - T1086

Show in Graph

Common Information

Type	Value
UUID	c2f267d7-c931-4475-9c50-b0aca8aed290
Fingerprint	ae8794d021a7b235
Analysis status	DONE
Considered CTI value	0
Text language
Published	Feb. 22, 2023, 5:20 a.m.
Added to db	Feb. 22, 2023, 7:26 a.m.
Last updated	Nov. 6, 2024, 6:27 a.m.
Headline	RedLine Stealer spreading through OneNote
Title	RedLine Stealer spreading through OneNote - K7 Labs
Detected Hints/Tags/Attributes	22/1/5

Source URLs

	Redirection	Url
Details	Source	https://labs.k7computing.com/index.php/redline-stealer-spreading-through-onenote/

URL Provider

Details	Provider	Source level domain
Details	k7computing.com	labs.k7computing.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	512	✔	K7 Labs	https://labs.k7computing.com/index.php/feed/	2024-08-31 15:08

Attributes

Details	Type	#Events	CTI	Value
Details	File	2		xxx.bat
Details	File	55		payload.exe
Details	File	1		pestle.exe
Details	md5	1		f510047d3e06f51cc81d0ad54c5fe079
Details	IPv4	5		172.245.45.213