General

  • Target

    0a5868a0d7675fa7337a8da498274608c29715d615288d2e0d7a728425ebd9d4

  • Size

    486KB

  • Sample

    220530-s1396aace4

  • MD5

    94171bdb6de49f25dfa8185e60082b36

  • SHA1

    dcd0848a0152bc09940a39c3093b4887fed53883

  • SHA256

    0a5868a0d7675fa7337a8da498274608c29715d615288d2e0d7a728425ebd9d4

  • SHA512

    0fe844b78b66bab1ab36afc01adc95d2e9b90ec42efac9d510ecfac4d21c9ca49d4d037becc7613b4a1db33af7795b5e75ccea03fec1a5af85d67908a173385b

Malware Config

Extracted

  • Family

    redline

  • Botnet

    600$5

  • C2

    193.38.235.192:43770

  • Attributes

    auth_value: dd54f25665dc6af5439959d34a36bf6b

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine Payload

    • Suspicious use of NtSetInformationThreadHideFromDebugger
