General

  • Target

    j7613180.exe

  • Size

    399KB

  • Sample

    230919-hmthpahd79

  • MD5

    b04e1c33a515559e10c520a36d739037

  • SHA1

    be50a412da7f661ab6b655d6c9fae51d57da2fe0

  • SHA256

    6fc64f7f15c98b6563005919b6172aa4ebd6290d04d4880f8aba1eff69bd6a6e

  • SHA512

    051c9cbf693bc2883014536bb89ac64f08b12f06c1cacdb5e1cc1c3e8663d84a51cc5321ebc0d5eb406e4cf7e959f12ba4cdaa7687cafa3b117e8c8ff4f5cfd8

  • SSDEEP

    12288:qw/bqiG59ouScDXooaYGD7xexkQ4aPiO1Sa:qw/o5ZXooaN5nOs

Malware Config

Extracted

Family

redline

Botnet

monik

C2

77.91.124.82:19071

Attributes

  • auth_value

    da7d9ea0878f5901f1f8319d34bdccea

Targets

    • Target

      j7613180.exe

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Suspicious use of SetThreadContext
