0cee0abd2df5431a3d76fa4a8a7af8aacc81289ba1ce5f9efe5c278705ec4064

General
Target

0cee0abd2df5431a3d76fa4a8a7af8aacc81289ba1ce5f9efe5c278705ec4064

Size

337KB

Sample

211021-skmx8sbchp

Score

10/10
MD5

921f2f14b65bd0feddf009a87a4693c1

SHA1

b5cc72c20216dcd95c554af2c6327595a4012f8d

SHA256

0cee0abd2df5431a3d76fa4a8a7af8aacc81289ba1ce5f9efe5c278705ec4064

SHA512

832a88967be2b19c34e292e83d317bdc6d5dd9173fb670cd5ffe125cc91d3f7950d45d261dd97b9082cf82c4012e159bd45be91db3029b738005d9f67c53aa00

Malware Config

Extracted

Family redline
Botnet UTS
C2

45.9.20.182:52236

Targets
Target

0cee0abd2df5431a3d76fa4a8a7af8aacc81289ba1ce5f9efe5c278705ec4064

Signatures

  • RedLine

    Description

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

  • RedLine Payload

MITRE ATT&CK Matrix

  • Collection
  • Command and Control
  • Credential Access
  • Defense Evasion
  • Discovery
  • Execution
  • Exfiltration
  • Impact
  • Initial Access
  • Lateral Movement
  • Persistence
  • Privilege Escalation

Tasks

static1

behavioral1

10/10