General

  • Target

    fc5de864885dd6356c2fc91cff867efa50dd75856b26d41cb27194c8c0780ac2

  • Size

    265KB

  • Sample

    241113-nxnm3s1elb

  • MD5

    50ca49634420336958ce73629d9a2cf6

  • SHA1

    9653e0449a18dbdb8af685f6b16b055cea530139

  • SHA256

    fc5de864885dd6356c2fc91cff867efa50dd75856b26d41cb27194c8c0780ac2

  • SHA512

    1839501ba5a1554c97efa99493b565b8780c403750f9a46ad3fee7f8a2073f0bebc54aa79865a3cea13a43c17d58665bd85e0ba2a8e9ba369ea34e0aebdce009

  • SSDEEP

    6144:r0VLG6ytpg56d+Qa5BLhlEpZeVtveyqyC50G7hxWaZiHG6V:yLGNpEvnr+pZeVgyqyCPlsscG6V

Malware Config

Targets

    • Target

      fc5de864885dd6356c2fc91cff867efa50dd75856b26d41cb27194c8c0780ac2

    • Size

      265KB

    • MD5

      50ca49634420336958ce73629d9a2cf6

    • SHA1

      9653e0449a18dbdb8af685f6b16b055cea530139

    • SHA256

      fc5de864885dd6356c2fc91cff867efa50dd75856b26d41cb27194c8c0780ac2

    • SHA512

      1839501ba5a1554c97efa99493b565b8780c403750f9a46ad3fee7f8a2073f0bebc54aa79865a3cea13a43c17d58665bd85e0ba2a8e9ba369ea34e0aebdce009

    • SSDEEP

      6144:r0VLG6ytpg56d+Qa5BLhlEpZeVtveyqyC50G7hxWaZiHG6V:yLGNpEvnr+pZeVgyqyCPlsscG6V

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

    • Loads dropped DLL

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks