General
-
Target
https://cdn.discordapp.com/attachments/1308780210522427392/1309109669523886131/FaceitHack.exe?ex=674062e3&is=673f1163&hm=5d61a202fa9f509cc6b693a7d4c58f17846c2dccd742f4648f4de79a822df2e9&
-
Sample
241121-mz7nas1pd1
Score
10/10
Malware Config
Extracted
Family
redline
C2
37.220.87.13:48790
Attributes
-
auth_value
a56683d0896c742a00bd32258a45a2b3
Targets
-
-
Target
https://cdn.discordapp.com/attachments/1308780210522427392/1309109669523886131/FaceitHack.exe?ex=674062e3&is=673f1163&hm=5d61a202fa9f509cc6b693a7d4c58f17846c2dccd742f4648f4de79a822df2e9&
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Suspicious use of SetThreadContext
-