General

  • Target

    b94939dbe347b96adf608f5cdf756eec4376691c051b235efe156eece7d7a119

  • Size

    438KB

  • Sample

    241107-pgjjvssbpg

  • MD5

    88b4eda075a65c02faae64fdd20c7cc5

  • SHA1

    58f112885003e2b5b9a565956a00226cb8a88d80

  • SHA256

    b94939dbe347b96adf608f5cdf756eec4376691c051b235efe156eece7d7a119

  • SHA512

    9f515fac5aa4c5e493b9eb260c27e7bcca946cf32a3d8f0d5e32b4f4d89abef81996939edda78c6a59861f04dc13898fe04b5b090b7587ce4c350345962412e5

  • SSDEEP

    12288:wqkdKtC4xiAqjop8iDPRSRjAHzi5nHbZRK8nPyy3eBPno:1cqxx1p8LK8KQc

Malware Config

Extracted

  • Family

    redline

  • Botnet

    1

  • C2

    45.9.20.59:46287

  • Attributes

    auth_value: ec6ada170bcec2e72f0e1f3954547f73

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks