General

  • Target

    bea9789e908b6a46592f963e652a858dde0a109de997819affc4b77cbc336098

  • Size

    3.7MB

  • Sample

    230123-rdahwsfb21

  • MD5

    a45e6fa02ca2dbeeb23d6fff96436a97

  • SHA1

    61ffee4cb8d28ca05b20076a5ba92aff99449ba7

  • SHA256

    bea9789e908b6a46592f963e652a858dde0a109de997819affc4b77cbc336098

  • SHA512

    aface0a7bd84fb503358087b27d891b6bac48f7d56c4e94dbd4cd4ad350ac3891e0180fb2a4cf76a516d753c9e5c12daea3b038c517cbf8268b7887a003f0707

  • SSDEEP

    98304:sBuzuXKMr2WYU68OdYIebQ4kUny6yuuhk6R1J3bj+:h63TO8K6ypk6fRby

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

st1

C2

librchichelpai.shop:81

rniwondunuifac.shop:81

Attributes
  • auth_value

    a7232a45d6034ee2454fc434093d8f12

Targets

    • Target

      bea9789e908b6a46592f963e652a858dde0a109de997819affc4b77cbc336098

    • Size

      3.7MB

    • MD5

      a45e6fa02ca2dbeeb23d6fff96436a97

    • SHA1

      61ffee4cb8d28ca05b20076a5ba92aff99449ba7

    • SHA256

      bea9789e908b6a46592f963e652a858dde0a109de997819affc4b77cbc336098

    • SHA512

      aface0a7bd84fb503358087b27d891b6bac48f7d56c4e94dbd4cd4ad350ac3891e0180fb2a4cf76a516d753c9e5c12daea3b038c517cbf8268b7887a003f0707

    • SSDEEP

      98304:sBuzuXKMr2WYU68OdYIebQ4kUny6yuuhk6R1J3bj+:h63TO8K6ypk6fRby

    Score
    10/10
    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks