General

  • Target

    f0d558438952808a7e36f7f5b8c01c913f5910fc7fe2adba2db8699a9d8c59a9

  • Size

    373KB

  • Sample

    241108-azxf4s1fna

  • MD5

    39658e848f7ccaa8e884d58503fc229f

  • SHA1

    b3ce460524a0d6fe74274c06e44a7754412b47ff

  • SHA256

    f0d558438952808a7e36f7f5b8c01c913f5910fc7fe2adba2db8699a9d8c59a9

  • SHA512

    befd20e7fb4175bbf0fa69931e3cb8d0839356231bf1dc91793fb2e65cdd6fec32e39e5b5a99930c3636e5e5e2063151b18a1c1f016a3e7432c880bc65ff4cee

  • SSDEEP

    6144:Ta688uEybYLDxWM6Sv86kWw5t51fUrhFwKr4xQFmNkFVtM63oFvb7ITsqXigaXwX:Ta688yY/0M6S5kWwghO24xPKtM557R

Malware Config

Extracted

Family

redline

Botnet

1

C2

45.9.20.59:46287

Attributes
  • auth_value

    ec6ada170bcec2e72f0e1f3954547f73

Targets

    • Target

      f0d558438952808a7e36f7f5b8c01c913f5910fc7fe2adba2db8699a9d8c59a9

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks