General

  • Target

    853d83dc2e04132192201e0f97777b9bb79a5b4f390d56ef06815ba85cac5509

  • Size

    438KB

  • Sample

    241108-dd4vvawnbr

  • MD5

    42d8e0e064db106c9a62395c0bc592f7

  • SHA1

    179cc6c8bdc8e523b4aafbb9d72fd3d29d8548ea

  • SHA256

    853d83dc2e04132192201e0f97777b9bb79a5b4f390d56ef06815ba85cac5509

  • SHA512

    7a554a8884ed82e1591781b7d18813a1a70c445fa42600d6053aa05c11316645bd6fca199a8f6da02add143186927186495e6bef44ea3eecae71772394fc78f3

  • SSDEEP

    12288:wqkdKtC4xiAqjop8iDPRSRjAHzi5nHbZRK8nPyy3eBPno:1cqxx1p8LK8KQc

Malware Config

Extracted

Family

redline

Botnet

1

C2

45.9.20.59:46287

Attributes
  • auth_value

    ec6ada170bcec2e72f0e1f3954547f73

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
