General

  • Target

    ad101bf2e2f11dfc1a02112fde6e7aab7b761cca9efd75e5092e57f07f227297

  • Size

    438KB

  • Sample

    241108-b6b97asekp

  • MD5

    134d253a9bf9d0e72156ea6cfb8e5697

  • SHA1

    49486f74de6eeda431bd9a55aafc3c78c3c17988

  • SHA256

    ad101bf2e2f11dfc1a02112fde6e7aab7b761cca9efd75e5092e57f07f227297

  • SHA512

    10601ca13d7ee2099e6667e88cafcf0e2050350fa188ebec08c454fc80d695a803ed5f0947d81ebb270c9b19367b66f63ee62e683b0726758fdcb7d69344a264

  • SSDEEP

    12288:wqkdKtC4xiAqjop8iDPRSRjAHzi5nHbZRK8nPyy3eBPno:1cqxx1p8LK8KQc

Malware Config

Extracted

  • Family

    redline

  • Botnet

    1

  • C2

    45.9.20.59:46287

Attributes
  • auth_value

    ec6ada170bcec2e72f0e1f3954547f73

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks