General

  • Target

    j8563787.exe

  • Size

    405KB

  • Sample

    230919-hmmp5sfd4v

  • MD5

    16e13222598ae23e01fbb730cba2f448

  • SHA1

    46730ffd712c414da91b98cb3ddf292d8faae9d6

  • SHA256

    96ec90f1ca21c56af643ffca5ed9cddc444a9226b2a2505d93f36505d5b958a4

  • SHA512

    2f33eb4a70f2411e56f64b5541fbe0edb7e5b2059a6d5bda1fc2463743f5fe784f32ab26e8fd723566dbba5124072b90a9887e8229d87fd712a339875a4f5aa8

  • SSDEEP

    6144:pOvJm09zORs+z/TMify9DAOwoQkqBAWeMnvaXt/6K5/TwvPnRD8/:p2w09CK5NjoAWUwvPRD8/

Malware Config

Extracted

  • Family

    redline

  • Botnet

    monik

  • C2

    77.91.124.82:19071

Attributes

  • auth_value

    da7d9ea0878f5901f1f8319d34bdccea

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks