General

  • Target

    089e75816a6610c20929c8ea4fc3255e.exe

  • Size

    855KB

  • Sample

    230819-gtq6gahg4x

  • MD5

    089e75816a6610c20929c8ea4fc3255e

  • SHA1

    dc4dc424828f8f1ba2ecb36946ea6426ddaf5f29

  • SHA256

    a444912b4f74002b2baf74df2091e86979ed630a05b3cf03089dae8933eb096a

  • SHA512

    1815ec111d60cd01e47727e0d21e3084021ab314d6865cd33e0e0e043f9b94752c519855059bb913e9800db0011336feb162b7fe8cce783143327857b8b6f025

  • SSDEEP

    12288:YMrAy90ZAntb3eSo0RnAhjnC1bZTKRu0hM0LRZD3Zj02a3LTViJpkQzt:IyVtzG5hbClZTKRaED3WHVisct

Malware Config

Extracted

Family

redline

Botnet

regta

C2

77.91.124.54:19071

Attributes

  • auth_value

    c6f537c6f0415ea7760a9bc81f48c756
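The extracted config above gives a defender three things to act on: the file hashes, the C2 host:port, and the family/botnet labels. The following Python is an added example, not part of the sandbox report or any vendor tooling. It turns those indicators into a network rule and scans connection logs for them. Assumptions: the log format is a Zeek-style conn.log (tab-separated, with the `#fields` order shown in the code), the log lines are constructed for the demonstration, and the Suricata `sid` is whatever your local numbering assigns.

```python
"""Hunt for the indicators extracted in this RedLine report.

Added example; it is not part of the sandbox report. The conn.log excerpt and
its field layout are constructed for illustration; adapt the parser to the log
format you actually have.
"""
import hashlib
import ipaddress
from typing import Dict, Iterable, List, Tuple

# Indicators copied from the report.
SAMPLE_HASHES = {
    "md5": "089e75816a6610c20929c8ea4fc3255e",
    "sha1": "dc4dc424828f8f1ba2ecb36946ea6426ddaf5f29",
    "sha256": "a444912b4f74002b2baf74df2091e86979ed630a05b3cf03089dae8933eb096a",
}
REDLINE_CONFIG = {
    "family": "redline",
    "botnet": "regta",
    "c2": "77.91.124.54:19071",
    "auth_value": "c6f537c6f0415ea7760a9bc81f48c756",
}


def hash_bytes(data: bytes) -> Dict[str, str]:
    """Compute the three digests the report lists so a file can be compared to it."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def is_reported_sample(data: bytes) -> bool:
    """Match on SHA-256 only; MD5 and SHA-1 are collision-broken and kept for lookups."""
    return hash_bytes(data)["sha256"] == SAMPLE_HASHES["sha256"]


def parse_c2(c2: str) -> Tuple[str, int]:
    """Split 'host:port' from the extracted config and validate both halves."""
    host, _, port = c2.rpartition(":")
    ipaddress.ip_address(host)  # raises ValueError if host is not an IP literal
    port_num = int(port)
    if not 0 < port_num < 65536:
        raise ValueError(f"port out of range: {port}")
    return host, port_num


def suricata_rule(config: Dict[str, str], sid: int) -> str:
    """Emit a Suricata/Snort rule for outbound TCP to the extracted C2.
    sid is an assumption: the caller supplies a number from its own rule range."""
    host, port = parse_c2(config["c2"])
    msg = f"MALWARE {config['family']} botnet {config['botnet']} C2 connection"
    return (
        f"alert tcp $HOME_NET any -> {host} {port} "
        f'(msg:"{msg}"; flow:to_server,established; '
        f"classtype:trojan-activity; sid:{sid}; rev:1;)"
    )


def find_c2_hits(conn_log: Iterable[str], config: Dict[str, str]) -> List[dict]:
    """Scan Zeek-style conn.log lines (assumed field order:
    ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto) for flows to the C2.
    Host AND port must match; the same host on another port is not a hit."""
    host, port = parse_c2(config["c2"])
    hits = []
    for line in conn_log:
        if not line.strip() or line.startswith("#"):
            continue  # skip header/comment lines
        fields = line.rstrip("\n").split("\t")
        if len(fields) < 7:
            continue  # malformed line, ignore rather than crash a hunt
        if fields[4] == host and int(fields[5]) == port:
            hits.append({"ts": fields[0], "src": fields[2], "dst": f"{host}:{port}"})
    return hits


# Constructed conn.log excerpt (not from the report): one benign flow, one flow
# to the C2, and one flow to the C2 host on a different port that must not match.
SAMPLE_CONN_LOG = [
    "#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto",
    "1692434800.1\tCabc1\t10.0.0.23\t51000\t142.250.74.46\t443\ttcp",
    "1692434805.7\tCabc2\t10.0.0.23\t51012\t77.91.124.54\t19071\ttcp",
    "1692434809.0\tCabc3\t10.0.0.31\t51020\t77.91.124.54\t80\ttcp",
]

if __name__ == "__main__":
    print(suricata_rule(REDLINE_CONFIG, sid=9000001))
    for hit in find_c2_hits(SAMPLE_CONN_LOG, REDLINE_CONFIG):
        print("C2 hit:", hit)
```

Matching on host and port together keeps the hunt tight: RedLine operators reuse hosts across ports and builds, and a port-less match against a shared VPS would drown a SOC in noise. Treat a single C2 hit as a confirmed infection indicator and pivot to the source host's Run keys and dropped executables, which the signatures below flag.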

Targets

    • Target

      089e75816a6610c20929c8ea4fc3255e.exe

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks