General

  • Target

    87f86d2d2749e340e85dc5ed2542c83e3efb9791a106b3a135679c1de6c56fa7N.exe

  • Size

    918KB

  • Sample

    241217-ym1j1axlfq

  • MD5

    a84b4b311d393ad1348be4e49bb79210

  • SHA1

    3c683326b2b1d033d187696a70a976c7071f22e4

  • SHA256

    87f86d2d2749e340e85dc5ed2542c83e3efb9791a106b3a135679c1de6c56fa7

  • SHA512

    bef0dccf848d2e98b4d8dfe2785986ed422dfab6fdf3b5689f92dab922fcd73437c92fc6116a4b6b9e9dfbf8552a1c2189d350f78dc8630712d2297439cb697c

  • SSDEEP

    24576:dj/Jnz1GJ3mMB5CGOGwso7h+u3bULc/E3N4L/qztN942j4Oi4fb0QMrGRBgKYccp:d9n5GJlirku3bULc/E3N4L/qztN942jm

Malware Config

Extracted

Family

redline

Botnet

TORRENTOLD

C2

amrican-sport-live-stream.cc:4581

Attributes

  • auth_value

    74e1b58bf920611f04c0e3919954fe05

Targets

    • Target

      87f86d2d2749e340e85dc5ed2542c83e3efb9791a106b3a135679c1de6c56fa7N.exe

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks