General

  • Target

    1d5f33a62a99689959fb7cee723d2be2a09eeb442d1cca4176e23432f3b54f28

  • Size

    438KB

  • Sample

    241108-a7hb6atqbj

  • MD5

    43c11ffbedb16ab53e8b73fb00c8b566

  • SHA1

    d1155911b5ba8102b99665b7566cb38e4a7ddaf3

  • SHA256

    1d5f33a62a99689959fb7cee723d2be2a09eeb442d1cca4176e23432f3b54f28

  • SHA512

    ac773c80f6a32d5ab80ba0270054f1e6517f93c5503d439ecfe20bfb30ffb8c3d06321d2c37943eb5c62c8d419d6b07a5f569bed237be0ef998bb9462eacb8ed

  • SSDEEP

    12288:NEqMZp5yIZX2efc4zNUGgxPpTRSRjAHfi5nHTkoPASPQfo/t:R6pYMf5x7GoPAJQ

Malware Config

Extracted

Family

redline

Botnet

1

C2

45.9.20.59:46287

Attributes
  • auth_value

    ec6ada170bcec2e72f0e1f3954547f73

Targets


    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
