Resubmissions

  • 10-05-2024 06:26  240510-g7fxnafg6v  (score 10)
  • 10-05-2024 06:21  240510-g4gd1sff2x  (score 10)

General

  • Target

    Ultimate YT Downloader Cutter.msi

  • Size

    7.2MB

  • Sample

    240510-g4gd1sff2x

  • MD5

    c258f77dfbbb6580b38fbf744ff238e4

  • SHA1

    33af74b935e5f48af1ffcbd893f2451a9cf1ec5f

  • SHA256

    bc4d7fbcab5275cd4f3459fab23a8bfff4e6abe9f3b5d407ceb7742049f42fbc

  • SHA512

    6c0eac4e36dc12c0266bf40d2ceb10972f9abecf5e80564301facb1a53623a2bd66728dd5aacbf4c87d356e5f2a6af3e9aec3d4c7cc35fa98aec1e7dfd2744c1

  • SSDEEP

    196608:IOiXwX+BxPrJBTYcnUZmu/xh93FI+t6f9mJBsuDcE:DigO3TYcnYTJV/acsl

Malware Config

Extracted

Family

redline

Botnet

https://free-yt-downloader.com

C2

https://free-yt-downloader.com
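The hashes and the extracted C2 host are the two things a responder actually reuses from a report like this: the digests confirm that a file pulled from a user's Downloads folder is the same MSI that was detonated here, and the C2 host is what you pivot on in proxy and DNS telemetry. The script below is an added example, not part of the sandbox report, that recomputes the four published digests for a file on disk and checks them against the report, then scans log lines for the C2 host or any subdomain of it. The log lines are constructed for the demonstration and their key=value layout is an assumption; SSDEEP comparison is left out because it needs the third-party ssdeep bindings rather than the standard library.

```python
import hashlib
import re

# Hashes the report lists for "Ultimate YT Downloader Cutter.msi" (copied from the page).
REPORT_HASHES = {
    "md5": "c258f77dfbbb6580b38fbf744ff238e4",
    "sha1": "33af74b935e5f48af1ffcbd893f2451a9cf1ec5f",
    "sha256": "bc4d7fbcab5275cd4f3459fab23a8bfff4e6abe9f3b5d407ceb7742049f42fbc",
    "sha512": (
        "6c0eac4e36dc12c0266bf40d2ceb10972f9abecf5e80564301facb1a53623a2b"
        "d66728dd5aacbf4c87d356e5f2a6af3e9aec3d4c7cc35fa98aec1e7dfd2744c1"
    ),
}

# C2 host from the extracted RedLine config, scheme stripped.
C2_HOSTS = {"free-yt-downloader.com"}


def hash_bytes(data: bytes) -> dict:
    """Lowercase hex digests for the four algorithms the report publishes."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha512": hashlib.sha512(data).hexdigest(),
    }


def hash_file(path: str, chunk_size: int = 1 << 20) -> dict:
    """Same digests for a file on disk, streamed so a large MSI is not read into memory at once."""
    hashers = {name: hashlib.new(name) for name in REPORT_HASHES}
    with open(path, "rb") as f:
        while True:
            chunk = f.read(chunk_size)
            if not chunk:
                break
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def matches_report(digests: dict, report: dict = REPORT_HASHES) -> dict:
    """Per-algorithm comparison against the report; a partial match means a different file."""
    return {name: digests.get(name, "").lower() == value for name, value in report.items()}


def is_sample(digests: dict, report: dict = REPORT_HASHES) -> bool:
    return all(matches_report(digests, report).values())


# Bare hostname or the host part of a URL; the capture group is the host.
HOST_RE = re.compile(r"(?:https?://)?([a-z0-9-]+(?:\.[a-z0-9-]+)*\.[a-z]{2,})", re.I)


def c2_hits(log_lines, hosts=C2_HOSTS):
    """(line_number, host) for every line whose host is a C2 host or a subdomain of one."""
    hits = []
    for lineno, line in enumerate(log_lines, start=1):
        for host in HOST_RE.findall(line):
            host = host.lower().rstrip(".")  # DNS logs may carry a trailing dot
            if any(host == c2 or host.endswith("." + c2) for c2 in hosts):
                hits.append((lineno, host))
                break  # one hit per line is enough
    return hits


# Constructed proxy/DNS log lines for the demonstration; not from the sandbox run.
SAMPLE_LOG = [
    "2024-05-10T06:21:44Z proxy client=10.0.0.15 method=CONNECT host=free-yt-downloader.com:443 status=200",
    "2024-05-10T06:21:45Z dns client=10.0.0.15 query=www.youtube.com type=A",
    "2024-05-10T06:21:49Z proxy client=10.0.0.15 url=https://free-yt-downloader.com/api/check status=200",
    "2024-05-10T06:22:01Z dns client=10.0.0.22 query=cdn.free-yt-downloader.com type=A",
]

if __name__ == "__main__":
    import sys

    for path in sys.argv[1:]:
        digests = hash_file(path)
        verdict = "matches the report" if is_sample(digests) else "does not match"
        print(path, verdict, matches_report(digests))
    for lineno, host in c2_hits(SAMPLE_LOG):
        print(f"line {lineno}: contact with C2 host {host}")
```

Run it as `python check.py "Ultimate YT Downloader Cutter.msi"` to compare a suspect file; the per-algorithm dictionary is printed so that a collision-prone MD5 match on its own is visible as exactly that. The subdomain check is deliberate: a config that says `free-yt-downloader.com` tells you nothing about which hostnames under it the stealer will resolve at runtime, so matching only the exact string would miss them.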

Targets

    • Target

      Ultimate YT Downloader Cutter.msi

    • RedLine

      RedLine Stealer is an information-stealing malware family written in C#, first observed in early 2020.

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks