General

  • Target

    8f5299e1e408cd9392fd8769ce6b423bb1e9a45bfbc7e808ea75474b38fe8fdb

  • Size

    297KB

  • Sample

    241108-jqn8ta1ldq

  • MD5

    407bf61aa16754fa2f481eae51bf017b

  • SHA1

    cfb756f82deb905b0d072e889fe2b5cb50677cc2

  • SHA256

    8f5299e1e408cd9392fd8769ce6b423bb1e9a45bfbc7e808ea75474b38fe8fdb

  • SHA512

    27a9e16c01b42bf69980c3071bcf9a811159daa54ef3332c819ed40aafd145116ef95f4fb9e92618902af19d1ad1864e9574650b1da09c0750b2777063382a23

  • SSDEEP

    6144:bHX+iXvoPGKN3MYAXcK6YWo2mYLVe2PRy6u802JJs:b3+iXvoPoYISTLVHZy6zJ

Malware Config

Extracted

Family

redline

Botnet

1

C2

45.9.20.59:46287

Attributes
  • auth_value

    ec6ada170bcec2e72f0e1f3954547f73

Targets

    • Target

      8f5299e1e408cd9392fd8769ce6b423bb1e9a45bfbc7e808ea75474b38fe8fdb

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
