General

  • Target

    0x0008000000013110-109.dat

  • Size

    172KB

  • Sample

    240307-3vx63aae9x

  • MD5

    6b0e059ed710c1420721ffa360c13dc4

  • SHA1

    e059af86dcc609c88de6af72e64da37f32921a58

  • SHA256

    944686657b0935f62cb1bc445744e85bf1277232ba4286920c83b53f23172a19

  • SHA512

    b0ad9fc5542cfa260cb6fbbe795bbcccc5e9e69dcdb9b6d3610dc2b7bda58ccddcd107f8da28b24c002668405748de29824cfed2f5cdbd1cdc12b30501f17f4e

  • SSDEEP

    3072:QBF8QOIKbe97H9rWRxNB2NjrOSHy+8e8hg:q8MVdaHMOSHy+

Malware Config

Extracted

Family

redline

Botnet

maxi

C2

83.97.73.126:19048

Attributes
  • auth_value

    6a3f22e5f4209b056a3fd330dc71956a

Targets

    • Target

      0x0008000000013110-109.dat

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload
