General

  • Target

    c88e2e642bc9dcb31352c23ecdf4e8beb4472a867ecc5f08af7c22b1ebed9a61

  • Size

    376KB

  • Sample

    241109-zb17ts1hql

  • MD5

    49ea3e07d0cb6c29f234926d2d2c924a

  • SHA1

    c93f6dbb13f201fe48b5defcbf7ba187d2e9a219

  • SHA256

    c88e2e642bc9dcb31352c23ecdf4e8beb4472a867ecc5f08af7c22b1ebed9a61

  • SHA512

    6bbd0266edcd9c0cac6e3128dd7776e4bd8bb2832d349d5f3e16988771d5d12f2ca2e9e2d78c67c7f0e4288d0cd91b8b62a4b66d4482aaf895702d21f7331e98

  • SSDEEP

    6144:Kdy+bnr+hp0yN90QEz3x32RQX6oCGmJY+YD6JkelYeedXfAC/izj41P0F:DMr9y90V92cM7YDWNYLf8k0F

Malware Config

Targets

    • Target

      c88e2e642bc9dcb31352c23ecdf4e8beb4472a867ecc5f08af7c22b1ebed9a61

    • Size

      376KB

    • MD5

      49ea3e07d0cb6c29f234926d2d2c924a

    • SHA1

      c93f6dbb13f201fe48b5defcbf7ba187d2e9a219

    • SHA256

      c88e2e642bc9dcb31352c23ecdf4e8beb4472a867ecc5f08af7c22b1ebed9a61

    • SHA512

      6bbd0266edcd9c0cac6e3128dd7776e4bd8bb2832d349d5f3e16988771d5d12f2ca2e9e2d78c67c7f0e4288d0cd91b8b62a4b66d4482aaf895702d21f7331e98

    • SSDEEP

      6144:Kdy+bnr+hp0yN90QEz3x32RQX6oCGmJY+YD6JkelYeedXfAC/izj41P0F:DMr9y90V92cM7YDWNYLf8k0F

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

    • Executes dropped EXE

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks