General

  • Target

    52e3ab6406fd9a921e00f048143da3a7d9a932d089eadcc2830a4cd47267eddc

  • Size

    410KB

  • Sample

    241108-frqlgswdrg

  • MD5

    a2878e1844cfb0960aceaf168d10bfa2

  • SHA1

    6e1ebcea13e9b32f5692f5a68407d592e133a67c

  • SHA256

    52e3ab6406fd9a921e00f048143da3a7d9a932d089eadcc2830a4cd47267eddc

  • SHA512

    990533af320098113871016cf078d034cfebab67a14591eb8e01f3dc14803f79daecaa0f62a7234c5f52ce3622cfb46d612b057f269640376a139bde9409d008

  • SSDEEP

    6144:kMRBC/R6TE/iRAtvdnm4iYVC0dbflCZjmUdhTjMmhIkzHf0KRGGDkTB5wCuPG1:AW6tc4iGCyfIZjmFmikzHf0D0kTFiG

Malware Config

Extracted

Family

redline

Botnet

11

C2

45.9.20.157:46257

Attributes
  • auth_value

    344c26d7f808f9c29e47633026f19aa5

Targets

    • Target

      52e3ab6406fd9a921e00f048143da3a7d9a932d089eadcc2830a4cd47267eddc

    • Size

      410KB

    • MD5

      a2878e1844cfb0960aceaf168d10bfa2

    • SHA1

      6e1ebcea13e9b32f5692f5a68407d592e133a67c

    • SHA256

      52e3ab6406fd9a921e00f048143da3a7d9a932d089eadcc2830a4cd47267eddc

    • SHA512

      990533af320098113871016cf078d034cfebab67a14591eb8e01f3dc14803f79daecaa0f62a7234c5f52ce3622cfb46d612b057f269640376a139bde9409d008

    • SSDEEP

      6144:kMRBC/R6TE/iRAtvdnm4iYVC0dbflCZjmUdhTjMmhIkzHf0KRGGDkTB5wCuPG1:AW6tc4iGCyfIZjmFmikzHf0D0kTFiG

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks