General

  • Target: 9900c54dc1861786b8f420e8a4373b2affc6a830bb3d2b688276d1631e3421cf
  • Size: 346KB
  • Sample: 241107-qk2ehsslbv
  • MD5: a87177888a00865e5d473025c03fd109
  • SHA1: 3aa28268298f970ca18a38165b9f798a7d11eac7
  • SHA256: 9900c54dc1861786b8f420e8a4373b2affc6a830bb3d2b688276d1631e3421cf
  • SHA512: f8492c87cda63098a80dc32a7a9de0adc9484ddc3107fdcd59f7b41eecdc105b0d46d23b45c40d666fc0940f0ce0c43827888e1ff361ccde79a2d1069e169e80
  • SSDEEP: 6144:6H2yHHfy3TH0WvNHC9PfNwB+Mqb7ITsqXigaa:6H2yHHfiTWPFwoMq7R

Malware Config

Extracted

  • Family: redline
  • Botnet: 1
  • C2: 45.9.20.59:46287
  • Attributes
    • auth_value: ec6ada170bcec2e72f0e1f3954547f73

Targets


    • RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
    • RedLine payload
    • Redline family

MITRE ATT&CK Enterprise v15

Tasks