General

  • Target

    baff53e3c9fc38fb7a98c24263ad78315e917eed24db7d278e935e97e35a6e07

  • Size

    445KB

  • Sample

    241030-1t935atkan

  • MD5

    ff93ee9303bcc7a8f49d4b6f2f00bfe9

  • SHA1

    144c98db52f2c875538eff45b8c1d68e58bebfc3

  • SHA256

    baff53e3c9fc38fb7a98c24263ad78315e917eed24db7d278e935e97e35a6e07

  • SHA512

    e4f5ea5dbea83b9abf1b99d63ebe20b2574d343a2208b860d4954b70725f9a58acf4bd69cd211ab85dd45f2ad5f4b3d6c87c6bafb0cc19f1d5d3fff68e846d92

  • SSDEEP

    12288:YQReUiWXD0vcHxmvmWekPoZUlcP/zMhR:YRUNgvcHwmg5sz

Malware Config

Extracted

Family

redline

Botnet

ww

C2

45.9.20.168:46257

Attributes
  • auth_value

    5a1b28ccd05953f5c3f99729c12427cc

Targets

    • Target

      baff53e3c9fc38fb7a98c24263ad78315e917eed24db7d278e935e97e35a6e07

    • Size

      445KB

    • MD5

      ff93ee9303bcc7a8f49d4b6f2f00bfe9

    • SHA1

      144c98db52f2c875538eff45b8c1d68e58bebfc3

    • SHA256

      baff53e3c9fc38fb7a98c24263ad78315e917eed24db7d278e935e97e35a6e07

    • SHA512

      e4f5ea5dbea83b9abf1b99d63ebe20b2574d343a2208b860d4954b70725f9a58acf4bd69cd211ab85dd45f2ad5f4b3d6c87c6bafb0cc19f1d5d3fff68e846d92

    • SSDEEP

      12288:YQReUiWXD0vcHxmvmWekPoZUlcP/zMhR:YRUNgvcHwmg5sz

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks