General

  • Target

    6F2CE8E8650D5523A7BCD85A4BDB59F39523EE49652321A906A72445DD3B9D73

  • Size

    2MB

  • Sample

    220812-bfn63aeffl

  • MD5

    df508168f27e48f10a8329b034a635e7

  • SHA1

    86a62a26f4eaf35bc81f15b05b059f5d83ee00d6

  • SHA256

    6f2ce8e8650d5523a7bcd85a4bdb59f39523ee49652321a906a72445dd3b9d73

  • SHA512

    d1b2e717b9b33463247a644cd8bb0f32dbbe38ecb4a78c55488d55062d4aa784004fa9d93b35e92ac9140b26639a2ef7e602d977c916a03d6ae111d81445cc66

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

yt

C2

193.124.22.7:13417

Attributes

auth_value

778bc9af4179a5317bc72a9c954a0dd2

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Collection, Command and Control, Credential Access, Defense Evasion, Discovery, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation
