General

  • Target

    d5f9c89b5560752b075e2a5ba958fa08ad308019283f128a5b33ed7680f477e0

  • Size

    302KB

  • Sample

    241108-d3lqkavbnb

  • MD5

    a00627db184dfc306669bc27bf4f50bc

  • SHA1

    3be3be9931389c28b3e3fac30c809b66725bae73

  • SHA256

    d5f9c89b5560752b075e2a5ba958fa08ad308019283f128a5b33ed7680f477e0

  • SHA512

    aab392a5cb3dee178f3c1a88e31b97ddb75850006f44e28648850b39fe643a8c037d682b7b3af525882ae6b9ac656041d9901d82049ec51d86cd0de115caaffe

  • SSDEEP

    3072:l8XLArFsh796WIYCt9ouTDXV1lIYNbMFjwBc5wbfRny9F4znqpN1tT+3QcxH2ocC:lpCTw9ouTDljIYpcwcgCm2Z7AiC6SQ

Malware Config

Extracted

Family

redline

Botnet

11

C2

45.9.20.157:46257

Attributes
  • auth_value

    344c26d7f808f9c29e47633026f19aa5

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
