General

  • Target

    0b89112c50a5f2f7b5a0b2f2ef4391709a7946f70a902d088ee49dcbde6456ca

  • Size

    411KB

  • Sample

    241108-g8ytvszmak

  • MD5

    35f7a136b9716dc1e9620e396adcc882

  • SHA1

    839c2e8934ceecd1be653ae49f5372d84ea0db87

  • SHA256

    0b89112c50a5f2f7b5a0b2f2ef4391709a7946f70a902d088ee49dcbde6456ca

  • SHA512

    ec22339de8560d802831f9036e7e941ecdaef164104087bcb9d72cd8bbcf7b1e16a28959e2248266bbea6f9419dd5c61928800bdf764c37ec8cb237088f27d6c

  • SSDEEP

    6144:WKwDQ4UXE73s4FCu8zli0+mXjA4cz5hb/HH5uixRoKwCrWXZu:3aQ4UXE73slPw4cz5N/HkeRoE/

Malware Config

Extracted

Family

redline

Botnet

11

C2

45.9.20.157:46257

Attributes
  • auth_value

    344c26d7f808f9c29e47633026f19aa5

Targets

    • Target

      0b89112c50a5f2f7b5a0b2f2ef4391709a7946f70a902d088ee49dcbde6456ca

    • Size

      411KB

    • MD5

      35f7a136b9716dc1e9620e396adcc882

    • SHA1

      839c2e8934ceecd1be653ae49f5372d84ea0db87

    • SHA256

      0b89112c50a5f2f7b5a0b2f2ef4391709a7946f70a902d088ee49dcbde6456ca

    • SHA512

      ec22339de8560d802831f9036e7e941ecdaef164104087bcb9d72cd8bbcf7b1e16a28959e2248266bbea6f9419dd5c61928800bdf764c37ec8cb237088f27d6c

    • SSDEEP

      6144:WKwDQ4UXE73s4FCu8zli0+mXjA4cz5hb/HH5uixRoKwCrWXZu:3aQ4UXE73slPw4cz5N/HkeRoE/

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks