General

  • Target

    2024-11-11_6338fe6cfdce82783854fd3e5865a19a_avoslocker_cobalt-strike_luca-stealer

  • Size

    724KB

  • Sample

    241111-b8g88azfpa

  • MD5

    6338fe6cfdce82783854fd3e5865a19a

  • SHA1

    c096d34a1393ceb386142f951ad0d12bd139f811

  • SHA256

    5efe7599d26de299d2b9050d52238c660af9eacadac4d424320c2099215ea67c

  • SHA512

    8b85c51a4f076682087e9c1a29fe4c5236b54b0c83da4684dc6fb4481416c4e2c6b1baea24ddb4b5931383b710d0318413edf7d27ecbb83145a3148817ed9402

  • SSDEEP

    12288:AHLuCDNEACnE2D51k5XLL4n4EiDEx5ORWZ0lLY+c6V9uaULuvQvv3LVszuuLkpF:AHLu0NEACnEA2EiQxwRWZkowQvpLuLkz

Malware Config

Extracted

Family

redline

Botnet

Google2

C2

167.235.71.14:20469

Attributes
  • auth_value

    fb274d9691235ba015830da570a13578
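The extracted configuration above gives two directly actionable indicators: the C2 endpoint (167.235.71.14:20469) and the file hashes of the sample. As an added example (not part of the sandbox report and not the sandbox's own tooling), the Python below matches those indicators against constructed, key=value-style connection-log lines and against a file's digests. It goes slightly beyond the page by also flagging traffic to the C2 host on ports other than 20469 as a lower-confidence hit, since RedLine operators rotate ports more readily than hosts. The log format, timestamps and internal addresses are assumptions made for this example.

```python
"""Added example: match the RedLine IOCs from this report against
connection logs and file hashes. Not part of the sandbox report; the
key=value log format used below is an assumption for the example."""
import hashlib
import re
from typing import Iterable, List, Dict

# IOCs taken from the report's "Malware Config" and "General" sections
C2_HOST = "167.235.71.14"
C2_PORT = 20469
SAMPLE_HASHES = {
    "md5": "6338fe6cfdce82783854fd3e5865a19a",
    "sha1": "c096d34a1393ceb386142f951ad0d12bd139f811",
    "sha256": "5efe7599d26de299d2b9050d52238c660af9eacadac4d424320c2099215ea67c",
}

# Assumed firewall/netflow export format: one connection per line,
# "<ts> src=<ip>:<port> dst=<ip>:<port> proto=<proto>"
LOG_RE = re.compile(
    r"(?P<ts>\S+)\s+src=(?P<src>[\d.]+):(?P<sport>\d+)"
    r"\s+dst=(?P<dst>[\d.]+):(?P<dport>\d+)\s+proto=(?P<proto>\w+)"
)

# Constructed sample log: the second and fourth lines are beacons to the
# exact C2 endpoint, the third is the C2 host on a different port.
SAMPLE_LOG = """\
2024-11-11T01:02:03Z src=10.0.0.5:51234 dst=142.250.74.78:443 proto=tcp
2024-11-11T01:02:09Z src=10.0.0.5:51240 dst=167.235.71.14:20469 proto=tcp
2024-11-11T01:03:15Z src=10.0.0.7:49152 dst=167.235.71.14:443 proto=tcp
2024-11-11T01:04:00Z src=10.0.0.9:51301 dst=167.235.71.14:20469 proto=tcp
"""


def find_c2_connections(lines: Iterable[str]) -> List[Dict]:
    """Return every connection to the C2 host. 'exact' is True when the
    destination port also matches the extracted config; a host-only match
    is still worth triage but carries less confidence."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line.strip())
        if not m or m["dst"] != C2_HOST:
            continue
        hits.append({
            "ts": m["ts"],
            "src": m["src"],
            "sport": int(m["sport"]),
            "dport": int(m["dport"]),
            "exact": int(m["dport"]) == C2_PORT,
        })
    return hits


def hash_matches(data: bytes) -> List[str]:
    """Digest a file's bytes and return the names of every algorithm whose
    result equals the report's hash for the sample (empty list = no match)."""
    digests = {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }
    return sorted(alg for alg, h in digests.items() if SAMPLE_HASHES[alg] == h)


if __name__ == "__main__":
    for hit in find_c2_connections(SAMPLE_LOG.splitlines()):
        level = "C2 beacon" if hit["exact"] else "C2 host, other port"
        print(f"{hit['ts']} {hit['src']}:{hit['sport']} -> "
              f"{C2_HOST}:{hit['dport']}  [{level}]")
    # Constructed bytes, so this is expected not to match the sample.
    print("hash match:", hash_matches(b"not the sample") or "none")
```

Feed `find_c2_connections` the lines of a real export in the same format, or adapt `LOG_RE` to your log source; the hash check is meant to run over files recovered from a host, where an MD5 or SHA256 match against the values in this report confirms the same artifact.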

Targets

    • Target

      2024-11-11_6338fe6cfdce82783854fd3e5865a19a_avoslocker_cobalt-strike_luca-stealer

    • RedLine

      RedLine Stealer is a .NET information stealer written in C#, first seen in early 2020. It harvests saved browser credentials, cookies and cryptocurrency wallet data and uploads them to the C2 listed in the extracted configuration.

    • RedLine payload

    • Redline family

    • Suspicious use of SetThreadContext (the API used to redirect a suspended thread's execution into injected code, a hallmark of process hollowing)
