General

  • Target

    908b3198ec49e4e846cd9197b12857eddc4bb5d1c83441d528b6352dbb289ea4

  • Size

    438KB

  • Sample

    241107-szyy2sxmdm

  • MD5

    9f9ce1ed49d94b85e9af919f5b8c72a2

  • SHA1

    f808d59a14e1f1e61f11a9a7ac6edff888894c65

  • SHA256

    908b3198ec49e4e846cd9197b12857eddc4bb5d1c83441d528b6352dbb289ea4

  • SHA512

    83b3520b20438711f1e7556ec3e41021db515378661bfdc6429591605ba737335753442f63967398a345878f97cb177050be18d7b135e87bd46b9c2fea0de9a3

  • SSDEEP

    12288:4YhchiYJX9unlW7RSRjAH3i5nHxAfSLA+dQH0xP4:4Yh5w9ul2qLAHU

Malware Config

Extracted

Family

redline

Botnet

1

C2

45.9.20.59:46287

Attributes
  • auth_value

    ec6ada170bcec2e72f0e1f3954547f73
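The extracted config and the hashes in the General section are the indicators a responder would actually act on. The block below is an added example, not part of the sandbox report: it loads those indicators from the page, checks a file's contents against the MD5/SHA1/SHA256 triple, and scans firewall-style log lines for connections to the C2 endpoint. The log lines and their `src=`/`dst=` key=value layout are constructed for this example; adapt the regular expression to whatever your firewall or proxy actually emits.

```python
import hashlib
import re

# Indicators copied from the report above (sample 241107-szyy2sxmdm).
IOC_HASHES = {
    "md5": "9f9ce1ed49d94b85e9af919f5b8c72a2",
    "sha1": "f808d59a14e1f1e61f11a9a7ac6edff888894c65",
    "sha256": "908b3198ec49e4e846cd9197b12857eddc4bb5d1c83441d528b6352dbb289ea4",
}
C2_HOST = "45.9.20.59"
C2_PORT = 46287


def hash_bytes(data: bytes) -> dict:
    """Compute the same three digests the report lists, for a file's bytes."""
    return {name: hashlib.new(name, data).hexdigest() for name in IOC_HASHES}


def matches_ioc_hashes(data: bytes) -> bool:
    """True only when every digest matches; a single mismatch means a different file."""
    computed = hash_bytes(data)
    return all(computed[name] == value for name, value in IOC_HASHES.items())


# Constructed sample log lines (assumed key=value firewall format, not from the report).
SAMPLE_LOGS = [
    "2024-11-07T12:01:03Z action=allow src=10.0.0.15:51322 dst=45.9.20.59:46287 proto=tcp bytes=1834",
    "2024-11-07T12:01:05Z action=allow src=10.0.0.15:51324 dst=142.250.74.78:443 proto=tcp bytes=9201",
    "2024-11-07T12:02:11Z action=deny src=10.0.0.22:50011 dst=45.9.20.59:80 proto=tcp bytes=0",
]

# Assumed layout: "src=IP:PORT dst=IP:PORT" somewhere on the line.
CONN_RE = re.compile(
    r"src=(?P<src_ip>\d{1,3}(?:\.\d{1,3}){3}):(?P<src_port>\d+)\s+"
    r"dst=(?P<dst_ip>\d{1,3}(?:\.\d{1,3}){3}):(?P<dst_port>\d+)"
)


def find_c2_hits(lines, match_port: bool = True) -> list:
    """Return the lines whose destination is the C2.

    With match_port=True only the exact IP:port pair from the config counts.
    With match_port=False any connection to the C2 address is reported, which
    is the broader hunt you want once the host is already known to be bad.
    """
    hits = []
    for lineno, line in enumerate(lines, start=1):
        m = CONN_RE.search(line)
        if not m:
            continue
        if m.group("dst_ip") != C2_HOST:
            continue
        if match_port and int(m.group("dst_port")) != C2_PORT:
            continue
        hits.append({"line": lineno, "src": m.group("src_ip"), "raw": line})
    return hits


if __name__ == "__main__":
    for hit in find_c2_hits(SAMPLE_LOGS, match_port=False):
        print(f"line {hit['line']}: {hit['src']} -> C2 ({hit['raw']})")
```

Matching on the full IP:port pair is the precise check for this configuration; dropping the port catches the same infrastructure reused with a different listener, at the cost of more triage. Hash matching is only useful for this exact build, so pair it with the network indicator rather than relying on it alone.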

Targets

    • Target

      908b3198ec49e4e846cd9197b12857eddc4bb5d1c83441d528b6352dbb289ea4

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks