General

  • Target

    72a9f3ff47a900ec00910831ff99b8e37f49a6e55fbfb3cad16feb58af5061a4

  • Size

    423KB

  • Sample

    241107-pknmzs1ngx

  • MD5

    e67c846f17b39e41730533c34eb97ef5

  • SHA1

    b8e9f246bcd8a92c3f5dcacebf6da57b702e4750

  • SHA256

    72a9f3ff47a900ec00910831ff99b8e37f49a6e55fbfb3cad16feb58af5061a4

  • SHA512

    da3f444ac0d71f47f3406353a6bf0724cb2b21bda36fa26217bf53152c2efd8750743cc36462be30b07a3cca1d9e53950b8c559ae7f5e6c1aeb033d600d25dd6

  • SSDEEP

    6144:cMui5ObVmy+0LExccD4HOCL+qzPI1vCyuKkYi82Jzj6efYPV0p:GrLExjiOCyqzPI1vCyuKkBJzjL

Malware Config

Extracted

Family

redline

Botnet

1

C2

45.9.20.59:46287

Attributes
  • auth_value

    ec6ada170bcec2e72f0e1f3954547f73

Targets

    • Target

      72a9f3ff47a900ec00910831ff99b8e37f49a6e55fbfb3cad16feb58af5061a4

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
