General

  • Target

    2f8d98a5ce1894afd26bcde572c9f4ef3c18cf5dc67abc98c409154545df3c95

  • Size

    438KB

  • Sample

    241108-btq8ksscke

  • MD5

    2388bad52d0c010524b6202fa4d38c43

  • SHA1

    5d633e6b487cb884b5c3b7315545db363240e588

  • SHA256

    2f8d98a5ce1894afd26bcde572c9f4ef3c18cf5dc67abc98c409154545df3c95

  • SHA512

    4ad5e0df48d7f0361eb5f76c3f71cfe62001e76d6213e38958bd384bddf18e607d420c9edc4467d97ce151461373227baf7a87233f1cb614d0d4e1894b913870

  • SSDEEP

    12288:wqkdKtC4xiAqjop8iDPRSRjAHzi5nHbZRK8nPyy3eBPno:1cqxx1p8LK8KQc

Malware Config

Extracted

Family

redline

Botnet

1

C2

45.9.20.59:46287

Attributes
  • auth_value

    ec6ada170bcec2e72f0e1f3954547f73

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks