General

  • Target

    aa1478441fd4bc715338f2fd85b4dc85

  • Size

    719KB

  • Sample

    241111-bx95vszamr

  • MD5

    aa1478441fd4bc715338f2fd85b4dc85

  • SHA1

    32a1d11dab5a9e31f3f9c0bdf20d7aff83a671f4

  • SHA256

    e1e5b0c1a6e6bd88494c11fe5e9db4d3c12d27c2ce909070eadb68f609bddf0b

  • SHA512

    79c1fa2558653a9ca390d736538fec761694a5ab3f26e1cc45df2f94ab6452df5ef68da8e2e7efe9f8df307dee17696a28c202bd81db828e5994abab1217aa33

  • SSDEEP

    12288:kgBtLZA7fsuwp1ZFNi2IEiCBq9TsfcXLnx0/TW5PudT+BZk0wrXfzOd2IBdKWT:kqtLZA7fjEiCBqx6gLoTW5nk0abOkQ

Malware Config

Extracted

  • Family

    redline

  • Botnet

    76

  • C2

    139.99.32.83:43199

  • Attributes

    auth_value: 44d461325298129ed3c705440f57962c

Targets

    • Target

      aa1478441fd4bc715338f2fd85b4dc85

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks