General

  • Target

    1c9cb19f72b337353fab5826b145b2f3.exe

  • Size

    1.4MB

  • Sample

    230920-rbjnsaaf83

  • MD5

    1c9cb19f72b337353fab5826b145b2f3

  • SHA1

    2fe6ddb2fb7fc0082388904ffddb5902c520179b

  • SHA256

    f217f02bbbf1b37386d8611b2ef07dd562d33dc1b31d84a260e11decf082b66a

  • SHA512

    90a14e5be34e1f6b23c1ccbfb80b5f29d1ce6e1d58573de82abeb14b5a00f2bfbda4fc0d45058d6a5362274c08b0d280a4d280097f72ba3eb9b59db46acaf1bc

  • SSDEEP

    24576:Slu3eXnSurrbe0DUBB//rAMg2aUqC3qRo/H/:SqSSCXe4ULOcqRC/

Malware Config

Targets

    • Target

      1c9cb19f72b337353fab5826b145b2f3.exe

    • Size

      1.4MB

    • MD5

      1c9cb19f72b337353fab5826b145b2f3

    • SHA1

      2fe6ddb2fb7fc0082388904ffddb5902c520179b

    • SHA256

      f217f02bbbf1b37386d8611b2ef07dd562d33dc1b31d84a260e11decf082b66a

    • SHA512

      90a14e5be34e1f6b23c1ccbfb80b5f29d1ce6e1d58573de82abeb14b5a00f2bfbda4fc0d45058d6a5362274c08b0d280a4d280097f72ba3eb9b59db46acaf1bc

    • SSDEEP

      24576:Slu3eXnSurrbe0DUBB//rAMg2aUqC3qRo/H/:SqSSCXe4ULOcqRC/

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks