General

  • Target

    1ab146db0c591a73fab9bc1ad0205c8f58831e281cbb1c9f05d046a539fa140e

  • Size

    442KB

  • Sample

    241108-c3lj5atcng

  • MD5

    1f7ac0cc3c05d5cc3837edc2154934f3

  • SHA1

    d6a0ad8475a305a3ba1f854ee2259ee3ee0aa1dd

  • SHA256

    1ab146db0c591a73fab9bc1ad0205c8f58831e281cbb1c9f05d046a539fa140e

  • SHA512

    342185758aeb5dda15b8c1d4db0e9a02b8d6f013f6eb58e92e12b793b596f4ec4fb5e99f45528af31ebf5bfdd398a98b99384e42043098778fc225492a737e36

  • SSDEEP

    6144:TmdckoOVAQwglvkNo1cThqGhCV3YDd+DG0XYPfbW7yV1O7TC/d:TmScV4VNo1cTNha3YDd+DG0XYa701Ov

Malware Config

Extracted

  • Family

    redline

  • Botnet

    1

  • C2

    45.9.20.59:46287

  • Attributes

      • auth_value

        ec6ada170bcec2e72f0e1f3954547f73

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
