General

  • Target

    bbbe62dab07ebc8abd95e0689dd6c88ca660ea09703b09629bc8fb6cf1a88668

  • Size

    299KB

  • Sample

    241030-1t23hs1jcx

  • MD5

    126b0b41efdeec466fe9c45daf9f8878

  • SHA1

    77250f8089d2c91b1bfcfe31261956ef3a8f70b9

  • SHA256

    bbbe62dab07ebc8abd95e0689dd6c88ca660ea09703b09629bc8fb6cf1a88668

  • SHA512

    0dcabba22bba90fef4043e45fc791769af8b0f9d0b4ec0124910dad6bc85d68e210cb9f626a74018a69653acb416aa0e570ae7aec061d6aaa69ac5bff9b5fcb4

  • SSDEEP

    6144:3lvaNgBnlaDywhIc4GJURBJAOQrl3+SRc72q29/n202uTHRZ:3VaNgBnlaDUphTsVBxZ

Malware Config

Extracted

Family

redline

Botnet

9-5

C2

139.99.32.83:43199

Attributes
  • auth_value

    637de2b47f42d9cc7912f71cb6b57b5b

Targets

    • Target

      bbbe62dab07ebc8abd95e0689dd6c88ca660ea09703b09629bc8fb6cf1a88668

    • Size

      299KB

    • MD5

      126b0b41efdeec466fe9c45daf9f8878

    • SHA1

      77250f8089d2c91b1bfcfe31261956ef3a8f70b9

    • SHA256

      bbbe62dab07ebc8abd95e0689dd6c88ca660ea09703b09629bc8fb6cf1a88668

    • SHA512

      0dcabba22bba90fef4043e45fc791769af8b0f9d0b4ec0124910dad6bc85d68e210cb9f626a74018a69653acb416aa0e570ae7aec061d6aaa69ac5bff9b5fcb4

    • SSDEEP

      6144:3lvaNgBnlaDywhIc4GJURBJAOQrl3+SRc72q29/n202uTHRZ:3VaNgBnlaDUphTsVBxZ

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks