General

  • Target

    9367f4f56ca863819ee54d0e77c64ffe1ed51b6f36c0f0cad70ec919691b8c14

  • Size

    371KB

  • Sample

    241107-vcwxaavqcy

  • MD5

    d1d2527d62c568de683027b870d30343

  • SHA1

    d0ee2af40104fe3f84eff464c3bc0fe03d487711

  • SHA256

    9367f4f56ca863819ee54d0e77c64ffe1ed51b6f36c0f0cad70ec919691b8c14

  • SHA512

    35b9990e54c8314ad5b116c040ef1e23784ddbb182eb44df2f2d1004c695251aa979d4fc08dd81a3abce9b86869bcfca2fe359349719876af846dd98e08de3e2

  • SSDEEP

    6144:YnhF/lqEwRXUPzi9sgiZo4nG6Wp39Ezb7ITsqXigaXwVfi:ohF/lN/z+wDnVimP7R

Malware Config

Extracted

Family

redline

Botnet

1

C2

45.9.20.59:46287

Attributes
  • auth_value

    ec6ada170bcec2e72f0e1f3954547f73

Targets

    • Target

      9367f4f56ca863819ee54d0e77c64ffe1ed51b6f36c0f0cad70ec919691b8c14

    • Size

      371KB

    • MD5

      d1d2527d62c568de683027b870d30343

    • SHA1

      d0ee2af40104fe3f84eff464c3bc0fe03d487711

    • SHA256

      9367f4f56ca863819ee54d0e77c64ffe1ed51b6f36c0f0cad70ec919691b8c14

    • SHA512

      35b9990e54c8314ad5b116c040ef1e23784ddbb182eb44df2f2d1004c695251aa979d4fc08dd81a3abce9b86869bcfca2fe359349719876af846dd98e08de3e2

    • SSDEEP

      6144:YnhF/lqEwRXUPzi9sgiZo4nG6Wp39Ezb7ITsqXigaXwVfi:ohF/lN/z+wDnVimP7R

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks