General

  • Target

    231b3dc60275be563bab023f51a8c224a1b9db06

  • Size

    301KB

  • Sample

    241111-gv1fjaxqdj

  • MD5

    1af6e6771f7ff3d03195e96692c04b35

  • SHA1

    231b3dc60275be563bab023f51a8c224a1b9db06

  • SHA256

    5d7c5719a225d3b7546592be1331c3d0193e032637488ac08a518201ae09614f

  • SHA512

    f2617548cfc37c7b330b711bb30279548bdd5bfc4643f212a6de822052eee731cf4b49099e729d52bd5f65f42492dd1adb2922946ade2ffd40d8dbc107bb45c3

  • SSDEEP

    6144:G9oAdBhXnbCib7zW7hAOOiGUyUt1TQ+VCHegcA5hNo:GGAdB94NDFVC++5To

Malware Config

Extracted

Family

redline

Botnet

9-5

C2

139.99.32.83:43199

Attributes

  • auth_value

    637de2b47f42d9cc7912f71cb6b57b5b

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

    • Suspicious use of SetThreadContext
