General

  • Target

    XWormLoader.exe

  • Size

    684KB

  • Sample

    241211-yp5xhawnh1

  • MD5

    e8e0065b1cade61de10069945bd335fa

  • SHA1

    5076539e3ff6c7daa4af5c5abce274e3d8efb1d6

  • SHA256

    498063df1a178cf85f89062cdeca2a8f26cd93ff90d246e027d58f8972868303

  • SHA512

    b89dee4c730480e9283759ec94e2d58c76e187e914af6382b1c630a549546bf979c1f36d751e51d32f6fc3468a382ac92a0947e05eb0f7f187b341b2d9f908cb

  • SSDEEP

    12288:zrUQw+2uPHL2hWsL94HPkH+oG7kSKT5TKk:wVuPr2hWsL94y+oG1K5ek

Targets

    • Target

      XWormLoader.exe

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

    • Executes dropped EXE
