Triage | Malware sandboxing report by Hatching Triage

Sharing

General

Target

h3626941.exe
Size

174KB
Sample

230919-hmz1gafd41
MD5

43acc3d174d9c2da4013def25ed93107
SHA1

c0e91ed2ab5c607fc0b22c8f4209db792c26fa5f
SHA256

745e358e9b0eefe2efe8d14cdbf17a194b81a80f929df4514cc3fed696d259ee
SHA512

6ddecd71a2e5f9d6670f297513fe3db5e2ed4e859857d8a25a42dbcfe03e6d5f70762af836061a0ebfdfc05be6ca102d6b9116fe6e627a989811da07c59b9614
SSDEEP

3072:woA6n9303bII0/mFuYOxwVxca14aE0Ky75HligaJk8e8hi:woAm9WII0/mFuO14aE0hHligay

Score

10^/10

redline vasha infostealer

Malware Config

Extracted

Family

redline

Botnet

vasha

C2

77.91.124.82:19071

Attributes

auth_value
42fc61786274daca54d589b85a2c1954

Targets

- Target
  
  h3626941.exe
- Size
  
  174KB
- MD5
  
  43acc3d174d9c2da4013def25ed93107
- SHA1
  
  c0e91ed2ab5c607fc0b22c8f4209db792c26fa5f
- SHA256
  
  745e358e9b0eefe2efe8d14cdbf17a194b81a80f929df4514cc3fed696d259ee
- SHA512
  
  6ddecd71a2e5f9d6670f297513fe3db5e2ed4e859857d8a25a42dbcfe03e6d5f70762af836061a0ebfdfc05be6ca102d6b9116fe6e627a989811da07c59b9614
- SSDEEP
  
  3072:woA6n9303bII0/mFuYOxwVxca14aE0Ky75HligaJk8e8hi:woAm9WII0/mFuO14aE0hHligay
Score

10^/10

redline vasha infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlinevashainfostealer

behavioral2

redlinevashainfostealer