General

  • Target

    4Mr726Sl.exe

  • Size

    459KB

  • Sample

    231010-fq67vadb63

  • MD5

    0dc5b68d3dabacbb1180ff5055d6c760

  • SHA1

    15eefebd9a753cb096932f7696fa9fc774f2523f

  • SHA256

    00517c79522072188015874aea7da2b0cc47a2527d8e22bdad86385deec60883

  • SHA512

    b842ff9b30f394964a1e7888807b45312d6a923fedfe6a4a2d4f26fe84a00de7878fbf6acdfe795dba446d8e5c42c66c0ad4e31193a54171bfe933873e55f0ca

  • SSDEEP

    6144:mfjhibDPM4jjdpvIN8fp7z5BAOCP2Taf+sDa+hUTn36FBJF8uVZlLoe6U0X:mfjaDPjjb/gPY36Lo5e6ZX

Malware Config

Extracted

  • Family

    redline

  • Botnet

    frant

  • C2

    77.91.124.55:19071

Targets

    • Target

      4Mr726Sl.exe

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Suspicious use of SetThreadContext
