General

  • Target

    90a784332d475749c5776b9cbe77c3e69163b94a820680af1b2aaa32837a9102

  • Size

    410KB

  • Sample

    241107-s6wghaxndl

  • MD5

    aaa88d47539383cdc178c50e2637e588

  • SHA1

    12315b032ca4fa4b7c5516f5c271415d974b1c1c

  • SHA256

    90a784332d475749c5776b9cbe77c3e69163b94a820680af1b2aaa32837a9102

  • SHA512

    8349cbdd41bb4acd5018cc1a6fcef7151cc7c9e777f52a02ba66e1a6786602e1e40524d2e1327531defdc5a43362846d5d1dff84ade0844fe6e49d9c876401fe

  • SSDEEP

    6144:kMRBC/R6TE/iRAtvdnm4iYVC0dbflCZjmUdhTjMmhIkzHf0KRGGDkTB5wCuPG1:AW6tc4iGCyfIZjmFmikzHf0D0kTFiG

Malware Config

Extracted

Family

redline

Botnet

11

C2

45.9.20.157:46257

Attributes
  • auth_value

    344c26d7f808f9c29e47633026f19aa5

Targets

    • Target

      90a784332d475749c5776b9cbe77c3e69163b94a820680af1b2aaa32837a9102

    • Size

      410KB

    • MD5

      aaa88d47539383cdc178c50e2637e588

    • SHA1

      12315b032ca4fa4b7c5516f5c271415d974b1c1c

    • SHA256

      90a784332d475749c5776b9cbe77c3e69163b94a820680af1b2aaa32837a9102

    • SHA512

      8349cbdd41bb4acd5018cc1a6fcef7151cc7c9e777f52a02ba66e1a6786602e1e40524d2e1327531defdc5a43362846d5d1dff84ade0844fe6e49d9c876401fe

    • SSDEEP

      6144:kMRBC/R6TE/iRAtvdnm4iYVC0dbflCZjmUdhTjMmhIkzHf0KRGGDkTB5wCuPG1:AW6tc4iGCyfIZjmFmikzHf0D0kTFiG

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks