General

  • Target

    11c22b5b58508ff04683be5b3484fd1cf51330f4870f56a1a7d362604948b2ba

  • Size

    438KB

  • Sample

    241108-k33seaskcj

  • MD5

    b4d555734c516ae4f3fd229282281788

  • SHA1

    1859a2f89d468ee95ad6ef3c8e47664d7347e3fc

  • SHA256

    11c22b5b58508ff04683be5b3484fd1cf51330f4870f56a1a7d362604948b2ba

  • SHA512

    32a3119d9303d846551e40003ba85f30a967058ad9abe52e4bec5966d471792bc12901954474160f4911a385dbbc13b72613fdb46bef06c216d7dd2761808e82

  • SSDEEP

    12288:NEqMZp5yIZX2efc4zNUGgxPpTRSRjAHfi5nHTkoPASPQfo/t:R6pYMf5x7GoPAJQ

Malware Config

Extracted

Family

redline

Botnet

1

C2

45.9.20.59:46287

Attributes
  • auth_value

    ec6ada170bcec2e72f0e1f3954547f73

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
