General

  • Target

    0fb12ab6c4d09ff0b6669121c7b6df3132eac56b214a79bf0f6ac16232a3b1f9

  • Size

    338KB

  • Sample

    241105-rzedzavqdr

  • MD5

    c90db6d91aaea35c896e796fa17f6c92

  • SHA1

    2ebb39139982a9d5d5ac1685cd8a364b0aa3bc15

  • SHA256

    0fb12ab6c4d09ff0b6669121c7b6df3132eac56b214a79bf0f6ac16232a3b1f9

  • SHA512

    30146b0fb330e6335949013f42465dc9e8c933be4bba45d98c471a46461ae2319ccd827d6f1211355a8340d4640caf359f3e8cd28cfaeadc2ed2627434a09bfd

  • SSDEEP

    6144:nbDQmioYCCAYp5fRZOVANlZ1iJ5ZccG7uMR9NX23BoIgPEDZCO4lw1JedPlC:nbDQ7LpDcVAN1lDm3BoIgPEDZCO4lw1H

Malware Config

Extracted

Family

redline

Botnet

24.01

C2

37.220.86.164:29170

Attributes
  • auth_value

    1c7f0aa21138601b5201a3a4a0123991

Targets

    • Target

      0fb12ab6c4d09ff0b6669121c7b6df3132eac56b214a79bf0f6ac16232a3b1f9

    • Size

      338KB

    • MD5

      c90db6d91aaea35c896e796fa17f6c92

    • SHA1

      2ebb39139982a9d5d5ac1685cd8a364b0aa3bc15

    • SHA256

      0fb12ab6c4d09ff0b6669121c7b6df3132eac56b214a79bf0f6ac16232a3b1f9

    • SHA512

      30146b0fb330e6335949013f42465dc9e8c933be4bba45d98c471a46461ae2319ccd827d6f1211355a8340d4640caf359f3e8cd28cfaeadc2ed2627434a09bfd

    • SSDEEP

      6144:nbDQmioYCCAYp5fRZOVANlZ1iJ5ZccG7uMR9NX23BoIgPEDZCO4lw1JedPlC:nbDQ7LpDcVAN1lDm3BoIgPEDZCO4lw1H

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks