General

  • Target

    a6aad7f2e491419311436fab5d35ff79814c2b538a92798fef1752cc0223b1c7

  • Size

    422KB

  • Sample

    241107-qd156svpgk

  • MD5

    9ccb3d270dd8de59f969e7e679e18525

  • SHA1

    dc67ca46d718ae7877c4e388dedb4501fa1a0dac

  • SHA256

    a6aad7f2e491419311436fab5d35ff79814c2b538a92798fef1752cc0223b1c7

  • SHA512

    529a6d9a06ae561c1f81cc21b7a1a99ff062c5f7436f99b81b7304de3a530654195a35b8aeca9bf246b28ddf7b88c52ce650037fca34b0a65c5a55031144d7dc

  • SSDEEP

    12288:snEt5YG/nn8LXObRBxF6fSoDJMeAZomw:snw/nCXObf6zNMGN

Malware Config

Extracted

Family

redline

Botnet

1

C2

45.9.20.59:46287

Attributes

  • auth_value

    ec6ada170bcec2e72f0e1f3954547f73

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
