General

  • Target

    3675a6ff75f4e908e2930d9df0163440fc468c7e4400ae71d313c44b81dc0d9c

  • Size

    297KB

  • Sample

    241108-jzc7xaygnq

  • MD5

    ca12725187063bebd237a5c76ced6009

  • SHA1

    fa3bf5ae19b3d8d64faa636347492acf92079859

  • SHA256

    3675a6ff75f4e908e2930d9df0163440fc468c7e4400ae71d313c44b81dc0d9c

  • SHA512

    6bedfbf42d1e6ab55f56e62d9b773ecd2e8efb57fc8b38b8e9cf9113ce9aab7581a30a0c568866fdaeb4a734a7ca986a57c0c78d3b14bdb9ff4e350798adce72

  • SSDEEP

    6144:rvHwCMbovQJ2lzmGk2l3u7ZOuc50Cb/7rRSUbHMfG4:rPwCMbovQJ6N3u7ZeR/7Ce

Malware Config

Extracted

Family

redline

Botnet

1

C2

45.9.20.59:46287

Attributes
  • auth_value

    ec6ada170bcec2e72f0e1f3954547f73

Targets

    • Target

      3675a6ff75f4e908e2930d9df0163440fc468c7e4400ae71d313c44b81dc0d9c

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
