General

  • Target

    4bbd426ed7a36c1ecbe49571393083c32301b23517afbd7d87086d720aab8648

  • Size

    302KB

  • Sample

    241107-2mtcgazcpn

  • MD5

    9cd60acdb479ee286226da961b7df58f

  • SHA1

    ede40d27fed298ad321c246bc9d447e521cc2dd6

  • SHA256

    4bbd426ed7a36c1ecbe49571393083c32301b23517afbd7d87086d720aab8648

  • SHA512

    01f111bbbe5318d5eb3e9bbdd8f17041f9f4a491b2c233a36d785f113a44efa163312e8039d4b09c614b5da86ee011f9c8a3b7abc1745f65914f9dee85f29076

  • SSDEEP

    3072:l8XLArFsh796WIYCt9ouTDXV1lIYNbMFjwBc5wbfRny9F4znqpN1tT+3QcxH2ocC:lpCTw9ouTDljIYpcwcgCm2Z7AiC6SQ

Malware Config

Extracted

Family

redline

Botnet

11

C2

45.9.20.157:46257

Attributes

  • auth_value

    344c26d7f808f9c29e47633026f19aa5

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks