General

  • Target

    5de5e53fe18a3c5437a4cfe42045a4cba0e9d0bf6aab35aa6bc30a5253fd38dd

  • Size

    14.8MB

  • Sample

    241214-qq9cbavpbp

  • MD5

    9e060e31aade7ed35094092769518b80

  • SHA1

    90c0b53fda6fa57f85d7fa5055cb9d36e9760633

  • SHA256

    5de5e53fe18a3c5437a4cfe42045a4cba0e9d0bf6aab35aa6bc30a5253fd38dd

  • SHA512

    a5664d4a61fdcfbf0393cfab4b14c5d1ea3f5f2524fd2a9089dda53b05508b491979c5e4bca0e401c2d86483d5c294581a2317da8849415a6324930a86e12847

  • SSDEEP

    196608:WcPSoOXHoAjq/S6EEdlVU09Kgp6VuQxH6Iu1rL3ETc44lGWmxuxXdCV:5P4XIAe//EEdjNS4F1SEGWvPCV

Malware Config

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

    • Uses the VBS compiler for execution

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks