General

  • Target

    97f4dc696d6771883c6810aa48c5a51d1f2a813349077333249f8b11e8dca0f7

  • Size

    410KB

  • Sample

    241108-fzk1zawfjc

  • MD5

    37d46d4f30b1fb5b4beef7330af3f433

  • SHA1

    0ec3a711b0f099e0bfc27405673818070b6c8e8b

  • SHA256

    97f4dc696d6771883c6810aa48c5a51d1f2a813349077333249f8b11e8dca0f7

  • SHA512

    7a442bcf924dd83ff5eb0be3d24a21e955a1ed54faff1e4d45649174a893e94981135f559a73ec7b21eaecd52378f08d8874a82803c3fa8bee68cac4605cb9af

  • SSDEEP

    6144:kMRBC/R6TE/iRAtvdnm4iYVC0dbflCZjmUdhTjMmhIkzHf0KRGGDkTB5wCuPG1:AW6tc4iGCyfIZjmFmikzHf0D0kTFiG

Malware Config

Extracted

  • Family

    redline

  • Botnet

    11

  • C2

    45.9.20.157:46257

  • Attributes

      • auth_value

        344c26d7f808f9c29e47633026f19aa5

Targets

    • Target

      97f4dc696d6771883c6810aa48c5a51d1f2a813349077333249f8b11e8dca0f7

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
