General

  • Target

    11d756fc1b687bd98994c8e507ded4f80cddc4c3b658c4239b18e450f9fcbbfc

  • Size

    297KB

  • Sample

    241107-qea1daskcw

  • MD5

    164fb66f380cdafdfa42ecbd9662984c

  • SHA1

    e60ba5e314d6447efcf357acde2797149c12b96f

  • SHA256

    11d756fc1b687bd98994c8e507ded4f80cddc4c3b658c4239b18e450f9fcbbfc

  • SHA512

    99b72a7e0b3e4acd2e1d4b72cec336eeb630ab62434def883ee027bb34037d8dfa23216699dc33692515e96e7a0bf4d4f33fee4beb9e3c6ec3fb96dcaaacd0ce

  • SSDEEP

    6144:bvzGiXPoPRvZzhR9WEjQJIud9k70st5J0c8f0wPIQJ:bLGiXPoPRxYEjQJIudS0SJ0c8f0wP

Malware Config

Extracted

Family

redline

Botnet

1

C2

45.9.20.59:46287

Attributes
  • auth_value

    ec6ada170bcec2e72f0e1f3954547f73

Targets

    • Target

      11d756fc1b687bd98994c8e507ded4f80cddc4c3b658c4239b18e450f9fcbbfc

    • Size

      297KB

    • MD5

      164fb66f380cdafdfa42ecbd9662984c

    • SHA1

      e60ba5e314d6447efcf357acde2797149c12b96f

    • SHA256

      11d756fc1b687bd98994c8e507ded4f80cddc4c3b658c4239b18e450f9fcbbfc

    • SHA512

      99b72a7e0b3e4acd2e1d4b72cec336eeb630ab62434def883ee027bb34037d8dfa23216699dc33692515e96e7a0bf4d4f33fee4beb9e3c6ec3fb96dcaaacd0ce

    • SSDEEP

      6144:bvzGiXPoPRvZzhR9WEjQJIud9k70st5J0c8f0wPIQJ:bLGiXPoPRxYEjQJIudS0SJ0c8f0wP

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks