General

  • Target

    501fd50d6dccb204485f2a07b0082426651e4a9557cb43eb0bf21af07fe1f0e2

  • Size

    436KB

  • Sample

    231020-aarvbsec67

  • MD5

    dcd14ea18bb164d65557ddf4d00b074d

  • SHA1

    d1eac8c92d8a9e8c36aca66aa4c1240a047b0731

  • SHA256

    501fd50d6dccb204485f2a07b0082426651e4a9557cb43eb0bf21af07fe1f0e2

  • SHA512

    39d0bc7599b191cadfdd493856b26a349213ac3cbcd94503bc2134bedfae8332f5378a7a1ad8128761a171c1b157aa9c2dbf7a2cd72bc46351761ba69d185f84

  • SSDEEP

    6144:APNpRkPmMotFfIv653uj51eSN1ElLmAoH7t4GzQ2o/O0BDO4RNvCU9q:APNphFwSQPpGtnNvCU9q

Targets

    • Target

      501fd50d6dccb204485f2a07b0082426651e4a9557cb43eb0bf21af07fe1f0e2

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Checks computer location settings

      Reads the country code configured in the registry (Windows keeps the user's region as a GeoID under HKCU\Control Panel\International\Geo). This is most likely a geofence: a check used to skip or alter execution depending on the victim's region.

    • Detected potential entity reuse from the Microsoft brand, i.e. the sample presents itself with Microsoft-associated naming or metadata, a common way for a stealer to pass as a legitimate Microsoft binary.
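
The "Checks computer location settings" behaviour above is observable in a Procmon trace as RegOpenKey/RegQueryValue events against the Geo key. The script below is an added example (not part of this report or of any sandbox's code) that scans a Procmon CSV export for non-allowlisted processes reading that key and reports which values they obtained. The CSV rows, the process name build.exe, the default Procmon column layout and the allowlist of benign locale readers are all assumptions constructed for illustration.

```python
r"""Flag processes that read the configured country (GeoID) from the registry.

Added example for the "Checks computer location settings" behaviour: a geofence
reads HKCU\Control Panel\International\Geo\Nation (GeoID) or \Name (ISO code).
Procmon logs such reads as RegOpenKey/RegQueryValue; this scans a CSV export.
"""
import csv
import io
from dataclasses import dataclass

# Constructed Procmon CSV export (assumption: default column layout).
# Not a capture of the sample in this report.
SAMPLE_PROCMON_CSV = """\
"Time of Day","Process Name","PID","Operation","Path","Result","Detail"
"10:02:11.0011","explorer.exe","4120","RegQueryValue","HKCU\\Control Panel\\International\\Geo\\Nation","SUCCESS","Type: REG_SZ, Length: 8, Data: 244"
"10:02:12.1002","build.exe","6532","RegOpenKey","HKCU\\Control Panel\\International\\Geo","SUCCESS","Desired Access: Read"
"10:02:12.1010","build.exe","6532","RegQueryValue","HKCU\\Control Panel\\International\\Geo\\Nation","SUCCESS","Type: REG_SZ, Length: 8, Data: 244"
"10:02:12.1015","build.exe","6532","RegQueryValue","HKCU\\Control Panel\\International\\Geo\\Name","SUCCESS","Type: REG_SZ, Length: 6, Data: US"
"10:02:13.0001","build.exe","6532","RegQueryValue","HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run","NAME NOT FOUND",""
"""

# Registry key where Windows stores the configured country/region.
GEO_KEY = r"HKCU\Control Panel\International\Geo"

# Processes that legitimately read locale settings; tune per environment
# (assumption, not an authoritative list).
BENIGN_PROCESSES = {"explorer.exe", "svchost.exe", "searchhost.exe"}

# Procmon operations that represent a registry read.
REGISTRY_READ_OPS = {"RegOpenKey", "RegQueryValue", "RegQueryKey"}


@dataclass(frozen=True)
class GeoLookup:
    process: str
    pid: int
    operation: str
    path: str
    result: str
    data: str  # value returned to the caller, if Procmon recorded it


def parse_procmon_csv(text):
    """Parse a Procmon CSV export into a list of row dicts keyed by column."""
    return list(csv.DictReader(io.StringIO(text)))


def extract_data(detail):
    """Return the 'Data: ...' field of a Procmon Detail column ('' if absent)."""
    marker = "Data: "
    idx = detail.find(marker)
    if idx == -1:
        return ""
    return detail[idx + len(marker):].split(",", 1)[0].strip()


def is_geo_path(path):
    """True if the path is the Geo key itself or any value/subkey beneath it."""
    p, k = path.lower(), GEO_KEY.lower()
    return p == k or p.startswith(k + "\\")


def find_geo_lookups(rows, benign=BENIGN_PROCESSES):
    """Return registry reads of the Geo key by processes not on the allowlist."""
    findings = []
    for row in rows:
        if row["Operation"] not in REGISTRY_READ_OPS:
            continue
        if not is_geo_path(row["Path"]):
            continue
        if row["Process Name"].lower() in benign:
            continue
        findings.append(GeoLookup(
            process=row["Process Name"],
            pid=int(row["PID"]),
            operation=row["Operation"],
            path=row["Path"],
            result=row["Result"],
            data=extract_data(row["Detail"]),
        ))
    return findings


def summarize(findings):
    """Group findings per PID: which Geo values each process actually read."""
    summary = {}
    for f in findings:
        entry = summary.setdefault(f.pid, {"process": f.process, "values": {}})
        leaf = f.path.rsplit("\\", 1)[-1]
        if f.data:
            entry["values"][leaf] = f.data
    return summary


if __name__ == "__main__":
    found = find_geo_lookups(parse_procmon_csv(SAMPLE_PROCMON_CSV))
    for pid, info in summarize(found).items():
        print(f"{info['process']} (PID {pid}) read country settings: {info['values']}")
```

Run it against a real export with File > Save > CSV in Procmon; the Nation value is a GeoID (244 in the constructed rows is the United States), so a follow-up is to compare what the process read against the regions the sample then refuses to run in.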
