General

  • Target

    b5a7225e8d6d04a32ec90cf472f8183f29456907

  • Size

    402KB

  • Sample

    241106-xsjm1avnay

  • MD5

    ebffd5e1ec5b7f9ea9c3528264df86c1

  • SHA1

    b5a7225e8d6d04a32ec90cf472f8183f29456907

  • SHA256

    4734d49f74d6bd728f949cf0b5a753a290886aa28ab59dee86a46958cd112cef

  • SHA512

    db3a9540fcdde39b11f224a3f2d75847841c922938d1c616263f682531eb6f92cc35f44e5aef49d095f4f00a6b0426f6879b4442465ffba06a2f02137923dead

  • SSDEEP

    6144:zJOdEvFD+ushAXZ+VCjvHVBDK9KzXF6DnErNHpqvSdBV49ZezN:FOdEtDPshAXZ+wjdBK9KjFM4DCiN

Malware Config

Extracted

Family

redline

Botnet

SEWPALPADIN

C2

45.9.20.111:1355

Attributes
  • auth_value

    8ca76b3bc579d0d08c2ac1a429d4f5a0

Targets

    • Target

      b5a7225e8d6d04a32ec90cf472f8183f29456907

    • Size

      402KB

    • MD5

      ebffd5e1ec5b7f9ea9c3528264df86c1

    • SHA1

      b5a7225e8d6d04a32ec90cf472f8183f29456907

    • SHA256

      4734d49f74d6bd728f949cf0b5a753a290886aa28ab59dee86a46958cd112cef

    • SHA512

      db3a9540fcdde39b11f224a3f2d75847841c922938d1c616263f682531eb6f92cc35f44e5aef49d095f4f00a6b0426f6879b4442465ffba06a2f02137923dead

    • SSDEEP

      6144:zJOdEvFD+ushAXZ+VCjvHVBDK9KzXF6DnErNHpqvSdBV49ZezN:FOdEtDPshAXZ+wjdBK9KjFM4DCiN

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks