General

  • Target

    6f63ddb0a32c1c2c4b4ea5a5c31a5ba32fe29012444f7f2b6ddb781e7c14647e

  • Size

    340KB

  • Sample

    241105-sjq89sspaw

  • MD5

    1ddcedd92ef6a7d9549b943db4395aa1

  • SHA1

    c603d98781611328a633b3b8813034f6261e4eae

  • SHA256

    6f63ddb0a32c1c2c4b4ea5a5c31a5ba32fe29012444f7f2b6ddb781e7c14647e

  • SHA512

    bbb4a034059f10d42230ca6d49210176846d4eb89977f18df8487fc55a4f451433969a6b965066ac09bcb532b26d8c6cad15b9f05a0ae82410d5d238e6d61148

  • SSDEEP

    6144:nbDQmioYCCAYp5fRZOVANlZ1iJ5ZccG7uMR9NX23BoIgPEDZCO4lw1JedPlC:nbDQ7LpDcVAN1lDm3BoIgPEDZCO4lw1H

Malware Config

Extracted

Family

redline

Botnet

24.01

C2

37.220.86.164:29170

Attributes
  • auth_value

    1c7f0aa21138601b5201a3a4a0123991

Targets

    • Target

      6f63ddb0a32c1c2c4b4ea5a5c31a5ba32fe29012444f7f2b6ddb781e7c14647e

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Redline family
