General

  • Target

    tmp

  • Size

    702KB

  • Sample

    221002-la19jshae4

  • MD5

    6d1eb524b582cadf213416c475be3912

  • SHA1

    9e15d204835b2018e0748547f1d3fbaadd85e1bc

  • SHA256

    93b41f139523aa5e95c9dac7265837e1b85d25a6dacd959e2c68a10a16d00654

  • SHA512

    f7fe994ea76b2bad614ae31183d9ae783b1317728e5902d87bd3a35afc5f0533f576ca18c30fcdc9121bfd3c20218270332b7db306622af6cbf7d3424b650a84

  • SSDEEP

    12288:6Ab2iNIJUoZg6fm02RR3KKfsBE61G3lBEYZIka:f1CJtZvfm0IRzseF3PPZk

Malware Config

Extracted

Family

redline

Botnet

sirus

C2

147.124.223.126:4444

Targets

    • Target

      tmp

    • Size

      702KB

    • MD5

      6d1eb524b582cadf213416c475be3912

    • SHA1

      9e15d204835b2018e0748547f1d3fbaadd85e1bc

    • SHA256

      93b41f139523aa5e95c9dac7265837e1b85d25a6dacd959e2c68a10a16d00654

    • SHA512

      f7fe994ea76b2bad614ae31183d9ae783b1317728e5902d87bd3a35afc5f0533f576ca18c30fcdc9121bfd3c20218270332b7db306622af6cbf7d3424b650a84

    • SSDEEP

      12288:6Ab2iNIJUoZg6fm02RR3KKfsBE61G3lBEYZIka:f1CJtZvfm0IRzseF3PPZk

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks