General

  • Target

    06d81f10b162f2a6f8df11953533c30ac0d88834d28c02dac722308551523845

  • Size

    410KB

  • Sample

    241107-3xv5gszmbw

  • MD5

    b9cdb55c3e7b0f372c22cc30d89cab9a

  • SHA1

    abfd51f8327eb67c40ce893ccfcc760df23a21be

  • SHA256

    06d81f10b162f2a6f8df11953533c30ac0d88834d28c02dac722308551523845

  • SHA512

    8350f31838af08530ebae9fa1c36d969c44e92c04c737d39154124d0585fa6e3fc74e28109ef29ad30fefe7d6b99f3ae31996a2775fd2b6be6015c051a45b97b

  • SSDEEP

    6144:kMRBC/R6TE/iRAtvdnm4iYVC0dbflCZjmUdhTjMmhIkzHf0KRGGDkTB5wCuPG1:AW6tc4iGCyfIZjmFmikzHf0D0kTFiG

Malware Config

Extracted

Family

redline

Botnet

11

C2

45.9.20.157:46257

Attributes
  • auth_value

    344c26d7f808f9c29e47633026f19aa5

Targets

    • Target

      06d81f10b162f2a6f8df11953533c30ac0d88834d28c02dac722308551523845

    • Size

      410KB

    • MD5

      b9cdb55c3e7b0f372c22cc30d89cab9a

    • SHA1

      abfd51f8327eb67c40ce893ccfcc760df23a21be

    • SHA256

      06d81f10b162f2a6f8df11953533c30ac0d88834d28c02dac722308551523845

    • SHA512

      8350f31838af08530ebae9fa1c36d969c44e92c04c737d39154124d0585fa6e3fc74e28109ef29ad30fefe7d6b99f3ae31996a2775fd2b6be6015c051a45b97b

    • SSDEEP

      6144:kMRBC/R6TE/iRAtvdnm4iYVC0dbflCZjmUdhTjMmhIkzHf0KRGGDkTB5wCuPG1:AW6tc4iGCyfIZjmFmikzHf0D0kTFiG

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks