General

  • Target

    NEAS.NEAS1f7274b1da7f1fb048cffa3e761cc4acc7cffc4d66ba82d1bfd603549b815a5dexeexe_JC.exe

  • Size

    309KB

  • Sample

    231016-n5mqraea8t

  • MD5

    a9efb71a209120a8e623f58160ea0fbb

  • SHA1

    beb2e6d3a0d8c616960befb37681238294d023bc

  • SHA256

    1f7274b1da7f1fb048cffa3e761cc4acc7cffc4d66ba82d1bfd603549b815a5d

  • SHA512

    5d2f5a12ecc7610110ea4e9b74276d929a0905ec7047e4ad947394860f3574a93675505d9b07ad54764772f5ff3347cb8960f82b3628c31ca3ad78f09d0fa7e5

  • SSDEEP

    3072:2SA667sQ+P/7/jy8zLfnbfOLRCS6fCN6sXC0Cg+26Xu9rLuxeePDj9jIux:2ST6mnJz3f2CS6fq6KCuzUmeND

Malware Config

Extracted

Family

redline

C2

78.47.171.102:6264
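
The extracted configuration gives two kinds of indicators worth acting on: the sample's own file hashes and the RedLine C2 endpoint (78.47.171.102 on TCP port 6264). The following Python is an added example, not part of the sandbox report, showing how a responder would turn those indicators into a hash check for files on disk and a sweep of a connection log for hosts talking to the C2. The connection log format ("ts src_ip src_port dst_ip dst_port proto") and the log lines themselves are constructed for the example; only the hashes and the C2 address come from the report.

```python
"""Match the indicators from the RedLine report against files and flow logs.

Added example for this report; the hashes and C2 endpoint are copied from the
report above, everything else (log format, sample flows) is constructed.
"""
import hashlib
import re

# Indicators from the report: sample hashes and the extracted C2 endpoint.
IOC_HASHES = {
    "md5": "a9efb71a209120a8e623f58160ea0fbb",
    "sha1": "beb2e6d3a0d8c616960befb37681238294d023bc",
    "sha256": "1f7274b1da7f1fb048cffa3e761cc4acc7cffc4d66ba82d1bfd603549b815a5d",
}
C2_HOST = "78.47.171.102"
C2_PORT = 6264

# Constructed sample flow log (not from the report). One flow per line:
# "<epoch_ts> <src_ip> <src_port> <dst_ip> <dst_port> <proto>".
SAMPLE_CONN_LOG = """\
# constructed test data
1697464001 10.0.0.12 51544 142.250.74.46 443 tcp
1697464007 10.0.0.12 51550 78.47.171.102 6264 tcp
1697464010 10.0.0.31 49201 78.47.171.102 80 tcp
1697464022 10.0.0.12 51551 78.47.171.102 6264 tcp
1697464030 10.0.0.7 53411 8.8.8.8 53 udp
"""


def hashes_of_bytes(data: bytes) -> dict:
    """MD5/SHA1/SHA256 of an in-memory buffer, keyed like IOC_HASHES."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in IOC_HASHES}


def hashes_of_file(path, chunk_size=1 << 20) -> dict:
    """Stream a file once and compute all three digests together."""
    hashers = {alg: hashlib.new(alg) for alg in IOC_HASHES}
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(block)
    return {alg: h.hexdigest() for alg, h in hashers.items()}


def ioc_hash_matches(digests: dict) -> set:
    """Return the set of algorithms whose digest equals the report's value.

    Comparing all three guards against a collision-prone MD5-only match."""
    return {alg for alg, d in digests.items() if d.lower() == IOC_HASHES[alg]}


def scan_file(path) -> set:
    """Hash a file on disk and report which report hashes it matches."""
    return ioc_hash_matches(hashes_of_file(path))


# Regex for the constructed flow-log format above.
CONN_RE = re.compile(r"^(\d+)\s+(\S+)\s+(\d+)\s+(\S+)\s+(\d+)\s+(\w+)$")


def parse_conn_line(line: str):
    """Parse one flow line into a dict, or None for comments/garbage."""
    m = CONN_RE.match(line.strip())
    if not m:
        return None
    ts, src, sport, dst, dport, proto = m.groups()
    return {"ts": int(ts), "src": src, "sport": int(sport),
            "dst": dst, "dport": int(dport), "proto": proto}


def find_c2_connections(log_text: str, require_port: bool = True) -> list:
    """Flows whose destination is the extracted C2.

    With require_port=False any traffic to the C2 host is reported, which is
    the safer sweep when an operator rotates the listening port."""
    hits = []
    for line in log_text.splitlines():
        if not line or line.startswith("#"):
            continue
        rec = parse_conn_line(line)
        if rec is None:
            continue
        if rec["dst"] == C2_HOST and (not require_port or rec["dport"] == C2_PORT):
            hits.append(rec)
    return hits


def affected_hosts(log_text: str, require_port: bool = True) -> list:
    """Sorted, de-duplicated list of internal sources that reached the C2."""
    return sorted({r["src"] for r in find_c2_connections(log_text, require_port)})


if __name__ == "__main__":
    print("hosts on C2 host+port:", affected_hosts(SAMPLE_CONN_LOG))
    print("hosts on C2 host only:", affected_hosts(SAMPLE_CONN_LOG, require_port=False))
```

Run `scan_file(path)` over quarantined downloads or `%AppData%`/`%Temp%` drops to confirm a hash match; a hit on SHA256 is conclusive, an MD5-only hit is not. For the network side, the port-only sweep finds the two beacons from 10.0.0.12, while the host-only sweep also surfaces 10.0.0.31, which reached the same server on port 80 and should be triaged rather than ignored.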

Targets

    • Target

      NEAS.NEAS1f7274b1da7f1fb048cffa3e761cc4acc7cffc4d66ba82d1bfd603549b815a5dexeexe_JC.exe

    • Size

      309KB

    • MD5

      a9efb71a209120a8e623f58160ea0fbb

    • SHA1

      beb2e6d3a0d8c616960befb37681238294d023bc

    • SHA256

      1f7274b1da7f1fb048cffa3e761cc4acc7cffc4d66ba82d1bfd603549b815a5d

    • SHA512

      5d2f5a12ecc7610110ea4e9b74276d929a0905ec7047e4ad947394860f3574a93675505d9b07ad54764772f5ff3347cb8960f82b3628c31ca3ad78f09d0fa7e5

    • SSDEEP

      3072:2SA667sQ+P/7/jy8zLfnbfOLRCS6fCN6sXC0Cg+26Xu9rLuxeePDj9jIux:2ST6mnJz3f2CS6fq6KCuzUmeND

    • RedLine

      RedLine Stealer is an information-stealing malware family written in C#, first seen in early 2020; it harvests browser credentials, cookies and cryptocurrency wallet data and sends them to the C2 in its embedded configuration.

    • RedLine payload

    • Detected potential entity reuse from brand Microsoft (the file's metadata or strings impersonate a Microsoft product).

MITRE ATT&CK Enterprise v15

Tasks