General

  • Target

    26540e60d97829021e6fb54ebe4f612e8e438dc28978c18c5d937383ec34c7bd

  • Size

    422KB

  • Sample

    241107-t14flaykbl

  • MD5

    f7db5a6a3ce7a2b0a0a0a4d0e06b5ea0

  • SHA1

    76bcc2d71d7e2d03bb6aec1b6a050325a4f27ca0

  • SHA256

    26540e60d97829021e6fb54ebe4f612e8e438dc28978c18c5d937383ec34c7bd

  • SHA512

    bbf584d79a503000de9b43f5aa1c9df56ade3c15f7452f02d8abe0cf0b49c114899f79c76738a10405d3fbc7b1042aa4f5535a3ff78460be95b96fbd478df2af

  • SSDEEP

    12288:snEt5YG/nn8LXObRBxF6fSoDJMeAZomw:snw/nCXObf6zNMGN

Malware Config

Extracted

Family

redline

Botnet

1

C2

45.9.20.59:46287

Attributes
  • auth_value

    ec6ada170bcec2e72f0e1f3954547f73

Targets


    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
