General

  • Target

    7aecc990d8d5358160ea5b4afaf5b4fc

  • Size

    300KB

  • Sample

    220603-adt4vsgadj

  • MD5

    7aecc990d8d5358160ea5b4afaf5b4fc

  • SHA1

    d712482cec817f153aa375a89578a65eeef88e0e

  • SHA256

    eb9939f5350adb4d8936f51c66aca84533ed1e093e591be0bf1d68433affd19d

  • SHA512

    ec8998ab825ff1f641f412b2b31ae26ab3e3c24239581ac38079bea574a1098aeb9016d4cc77127263cff4eb051c3a1274315e553bce2c631bae54f06664bcad

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

1

C2

65.108.5.252:43673

Attributes
  • auth_value

    95517c2a2f56575288c35d9dfde4a6aa

Targets

    • Target

      7aecc990d8d5358160ea5b4afaf5b4fc

    • Size

      300KB

    • MD5

      7aecc990d8d5358160ea5b4afaf5b4fc

    • SHA1

      d712482cec817f153aa375a89578a65eeef88e0e

    • SHA256

      eb9939f5350adb4d8936f51c66aca84533ed1e093e591be0bf1d68433affd19d

    • SHA512

      ec8998ab825ff1f641f412b2b31ae26ab3e3c24239581ac38079bea574a1098aeb9016d4cc77127263cff4eb051c3a1274315e553bce2c631bae54f06664bcad

    Score
    10/10
    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine Payload

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks