General

  • Target

    3b83deabafe1034f8f2d6e71c136b09a55912243ef0889c398e2ec9e9943bbea

  • Size

    719KB

  • Sample

    241109-1rtncstbjr

  • MD5

    4d435c2b6ac488bbe2bb654cfa21577f

  • SHA1

    40237dcc06e6818acee55fdf1406bbac2a75df37

  • SHA256

    3b83deabafe1034f8f2d6e71c136b09a55912243ef0889c398e2ec9e9943bbea

  • SHA512

    486541421532a27d314c982818f4dbf5beb75b2696dd20ca5c39aaeb48898a66aebf34ce7e43cdd597416c583ee8745e868718d767ed8a9cd4e91c39e5da1e3d

  • SSDEEP

    12288:jYKNLZA7fkuwp1ZFNi2IEiCBq9TsfcXLnx0/TW5PudT+B3W5BJbamBIBT:jpNLZA7fLEiCBqx6gLoTW5JWXJb/u1

Malware Config

Extracted

  • Family

    redline

  • Botnet

    76

  • C2

    139.99.32.83:43199

  • Attributes

    auth_value: 44d461325298129ed3c705440f57962c

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks