General

  • Target

    2df568fd2c5dec264a9036ebd26ba7a2f61599a57cf843e3fd83cd4663926bf7.exe

  • Size

    1.1MB

  • Sample

    241123-jr97nsxpcj

  • MD5

    be4268bd5229b479ad9c446943303795

  • SHA1

    2a4141a8db79086003ef586771de0a6cb33921ca

  • SHA256

    2df568fd2c5dec264a9036ebd26ba7a2f61599a57cf843e3fd83cd4663926bf7

  • SHA512

    c3cbd53e15216849702c45e65c21a68cd74bf9d161bbf736c56945ab1f88c40cfb442979acbf110ad7d0a3bf6b91a8653902a52fb40aabdda039f2f87dfddd69

  • SSDEEP

    24576:E0Vs8ABbiCw+SFuGzJgkcHXMVB52Sg/cmom2Ket6zattBcQuVhxY26EI:Ej80L1SFulXMV/gkBmtet621vuVhd7I

Malware Config

Extracted

Family

redline

Botnet

@Js_scr

C2

185.209.22.181:29234

Attributes
  • auth_value

    5a0918bd3e8ede8e02c8dd9d106a996d
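The extracted configuration above gives the three indicators a responder actually pivots on: the C2 socket, the file hashes, and the botnet/auth tags. The following Python is an added example, not part of the sandbox report, that turns those indicators into a check over connection logs and file hashes. The indicator values are copied from the report; the log lines, timestamps and internal addresses are constructed for illustration.

```python
"""Match the RedLine indicators from the sandbox report against log data.

Added example, not part of the sandbox report. Indicators are copied from the
report's Malware Config and hash fields; the log lines are constructed.
"""
import ipaddress
import re
from dataclasses import dataclass

# Indicators copied from the report.
C2 = "185.209.22.181:29234"
BOTNET = "@Js_scr"
AUTH_VALUE = "5a0918bd3e8ede8e02c8dd9d106a996d"
SAMPLE_HASHES = {
    "md5": "be4268bd5229b479ad9c446943303795",
    "sha1": "2a4141a8db79086003ef586771de0a6cb33921ca",
    "sha256": "2df568fd2c5dec264a9036ebd26ba7a2f61599a57cf843e3fd83cd4663926bf7",
}


def parse_c2(c2: str) -> tuple[str, int]:
    """Split 'ip:port', validating the address and the port range.

    ipaddress.ip_address raises ValueError on anything that is not a real
    IPv4/IPv6 address, so a typo in the indicator fails loudly here rather
    than silently matching nothing later.
    """
    host, _, port = c2.rpartition(":")
    ip = ipaddress.ip_address(host)
    port_num = int(port)
    if not 0 < port_num < 65536:
        raise ValueError(f"port out of range: {port}")
    return str(ip), port_num


# Constructed firewall/proxy style lines: "<ts> <src>:<sport> -> <dst>:<dport> <proto>"
SAMPLE_LOG = """\
2024-11-23T09:41:02Z 10.0.0.15:51233 -> 185.209.22.181:29234 tcp
2024-11-23T09:41:05Z 10.0.0.15:51234 -> 142.250.74.46:443 tcp
2024-11-23T09:42:10Z 10.0.0.22:60011 -> 185.209.22.181:80 tcp
2024-11-23T09:43:00Z 10.0.0.15:51240 -> 185.209.22.181:29234 tcp
"""

LOG_RE = re.compile(r"^(\S+) ([^\s:]+):(\d+) -> ([^\s:]+):(\d+) (\w+)$")


@dataclass(frozen=True)
class Hit:
    timestamp: str
    src: str
    dst: str
    dst_port: int
    exact: bool  # True when both IP and port match the extracted C2


def find_c2_hits(log_text: str, c2: str = C2) -> list[Hit]:
    """Return every connection to the C2 address.

    A match on IP and port is the strong signal. Same-IP/other-port hits are
    returned too, flagged exact=False, because the port is per-build config
    and the same host may be reused with a different port in another sample.
    """
    ip, port = parse_c2(c2)
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line.strip())
        if not m:
            continue  # skip malformed lines instead of aborting the sweep
        ts, src_ip, _sport, dst_ip, dst_port, _proto = m.groups()
        if dst_ip == ip:
            hits.append(Hit(ts, src_ip, dst_ip, int(dst_port), int(dst_port) == port))
    return hits


def infected_hosts(log_text: str, c2: str = C2) -> set[str]:
    """Source addresses that made a port-exact connection to the C2."""
    return {h.src for h in find_c2_hits(log_text, c2) if h.exact}


def match_hashes(observed: dict[str, str]) -> list[str]:
    """Return the algorithms on which an observed file matches this sample.

    Comparison is case-insensitive because tools disagree on hex casing.
    """
    return [algo for algo, value in SAMPLE_HASHES.items()
            if observed.get(algo, "").lower() == value]


if __name__ == "__main__":
    for hit in find_c2_hits(SAMPLE_LOG):
        print(hit)
    print("hosts with exact C2 contact:", infected_hosts(SAMPLE_LOG))
    print("hash match:", match_hashes({"sha256": SAMPLE_HASHES["sha256"].upper()}))
```

The botnet tag and auth_value are kept alongside the network indicators because they are what ties a later sample to this campaign when the C2 has already moved; they are not matched against logs here since they only appear inside the stealer's own traffic.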

Targets

    • Target

      2df568fd2c5dec264a9036ebd26ba7a2f61599a57cf843e3fd83cd4663926bf7.exe

    • Size

      1.1MB

    • MD5

      be4268bd5229b479ad9c446943303795

    • SHA1

      2a4141a8db79086003ef586771de0a6cb33921ca

    • SHA256

      2df568fd2c5dec264a9036ebd26ba7a2f61599a57cf843e3fd83cd4663926bf7

    • SHA512

      c3cbd53e15216849702c45e65c21a68cd74bf9d161bbf736c56945ab1f88c40cfb442979acbf110ad7d0a3bf6b91a8653902a52fb40aabdda039f2f87dfddd69

    • SSDEEP

      24576:E0Vs8ABbiCw+SFuGzJgkcHXMVB52Sg/cmom2Ket6zattBcQuVhxY26EI:Ej80L1SFulXMV/gkBmtet621vuVhd7I

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Redline family

    • Suspicious use of NtSetInformationThreadHideFromDebugger

      Calling NtSetInformationThread with the ThreadHideFromDebugger information class (0x11) stops the thread from reporting debug events to an attached debugger. This is an anti-analysis technique, so the sample can be expected to behave differently under a debugger than it does in the sandbox run recorded here.

MITRE ATT&CK Enterprise v15

Tasks