General

  • Target

    99dbcef8b7076dd03dc7af669d50ace8a09343de972d7d25667c981e455fea48

  • Size

    297KB

  • Sample

    241107-pk33nsvkfn

  • MD5

    ff640d8bcd372eb81437a9b6d851531c

  • SHA1

    e28e65c1805793766f29431fc8d91bb7c1974c89

  • SHA256

    99dbcef8b7076dd03dc7af669d50ace8a09343de972d7d25667c981e455fea48

  • SHA512

    8739ba7232fd3f050c4d32213cb042de9cf41a0ef3a617a9f3f1761b6c2ebb606f009acb328dbd3787ee065f68b0a38528722564ffa830b1a7d52e9f1590c005

  • SSDEEP

    6144:bvzGiXPoPRvZzhR9WEjQJIud9k70st5J0c8f0wPIQJ:bLGiXPoPRxYEjQJIudS0SJ0c8f0wP

Malware Config

Extracted

Family

redline

Botnet

1

C2

45.9.20.59:46287

Attributes
  • auth_value

    ec6ada170bcec2e72f0e1f3954547f73

Targets

    • Target

      99dbcef8b7076dd03dc7af669d50ace8a09343de972d7d25667c981e455fea48

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
