General

  • Target

    50b4b61323d9f272cd87e6e97a7bda61cec0bc905353705a70cf8adf582fe1f7

  • Size

    297KB

  • Sample

    241108-gymc3sxejp

  • MD5

    7d2f58dd7edde4f3c12d5841505be2b7

  • SHA1

    5e0ce36ba61ca260bb70b315bfa0e356a89f744e

  • SHA256

    50b4b61323d9f272cd87e6e97a7bda61cec0bc905353705a70cf8adf582fe1f7

  • SHA512

    e18c458052e1be4d35393db4d14c099a8889f709681fa9b04bb5fed79519b8a4717965cbcc33964dbcc31b021537cb7d72e97f5b9e19bf87a1bc607e40f66e71

  • SSDEEP

    6144:bHX+iXvoPGKN3MYAXcK6YWo2mYLVe2PRy6u802JJs:b3+iXvoPoYISTLVHZy6zJ

Malware Config

Extracted

Family

redline

Botnet

1

C2

45.9.20.59:46287

Attributes
  • auth_value

    ec6ada170bcec2e72f0e1f3954547f73

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
