General

  • Target

    5f43489ac32b227a5f61dc04e7fb267cc6f6a9ae8e85ba60cd5dc0958b3e071a

  • Size

    709KB

  • Sample

    241111-hngwaavhna

  • MD5

    8f92ba54dcdaab9ce8dd43ad6407346d

  • SHA1

    b28a84935486e2fe10313816772cc276211b1d73

  • SHA256

    5f43489ac32b227a5f61dc04e7fb267cc6f6a9ae8e85ba60cd5dc0958b3e071a

  • SHA512

    fc35673221857d47c0368ea10edb2ae7c2153da1e72b6753f37222ddf92c098d3e9f79f9b8f28574e3d0f0658ed9ee9001d2ba32883f35c71c6b578e104e4a77

  • SSDEEP

    12288:VMr0y90zM7mXyIe8vkb6Kx/pvXha6NuvyxJ3A77nz9B7lG:ZyoM888v8/pvXhtNuKxNcJG

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

    • Executes dropped EXE

    • Adds Run key to start application
