General

  • Target

    679ad22ad9bb8078d01005ace58029a6573b9884e569f150eabd9d1a22b71bab

  • Size

    442KB

  • Sample

    241108-btejsasbpj

  • MD5

    1b01d9ca56c004e8409f8d2bf13f8823

  • SHA1

    52f1414dec0faae08d53772fbee44fb720906ed2

  • SHA256

    679ad22ad9bb8078d01005ace58029a6573b9884e569f150eabd9d1a22b71bab

  • SHA512

    d81cafed638ef4e6ece9d3b3a403be6b1ca8d036f9c58ee75b96ba98992cb8c37991ef2cb1ecd997b7abb4bca259f7c017363930dbdbd682cd9031eb6f9693d3

  • SSDEEP

    6144:TmdckoOVAQwglvkNo1cThqGhCV3YDd+DG0XYPfbW7yV1O7TC/d:TmScV4VNo1cTNha3YDd+DG0XYa701Ov

Malware Config

Extracted

Family

redline

Botnet

1

C2

45.9.20.59:46287

Attributes
  • auth_value

    ec6ada170bcec2e72f0e1f3954547f73

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
