General

  • Target

    77ba34f450e9a293600b76082b4dcc02b13e52106438ecb2e7c5df3e79ebb6f4

  • Size

    234KB

  • Sample

    241111-gmffdstgrp

  • MD5

    4b62e38c170a58686426c5eb1c1953b5

  • SHA1

    fe02b734fe0eb97a2ed2a08b8b871dec86fe106d

  • SHA256

    77ba34f450e9a293600b76082b4dcc02b13e52106438ecb2e7c5df3e79ebb6f4

  • SHA512

    64124ebfc9a1bf83c7ae0279187595d3138290dea372f392248d91623d085e2a3289ae94bc772cadafc89bea14b92f5e4ef892704622b3a79408bed1c620616c

  • SSDEEP

    3072:Y7P8j/9HLGhUCAClkcax3/lmgRwKYrK/75RuiAVTj5eIPlrpaf:Y7kvIYO3KYrK/rdAJ5en

Malware Config

Extracted

Family

redline

C2

82.115.223.46:57672

Attributes
  • auth_value

    bf1ad460402b86c974353b25cbafea76

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

    • Suspicious use of SetThreadContext
