General

  • Target

    a3f99d4fd1008c1d5632b5052c0636c4da491c31beb6abbc4dcd68f5396ecfc2

  • Size

    427KB

  • Sample

    241108-kqwhkaylf1

  • MD5

    38f7aaa2c09cc0bd1f04a445bbc43a01

  • SHA1

    147f0e6730eeeb990d3db822971a7d02db57001a

  • SHA256

    a3f99d4fd1008c1d5632b5052c0636c4da491c31beb6abbc4dcd68f5396ecfc2

  • SHA512

    bd1d80c85f4959c2ed76a8bbbc4ab87fddf167f2c36aa75572d6d51937a2d969b41f2966fb621a2c82f2392fbeac04cc6514acb4b2b4b242595ecf80bbb2e367

  • SSDEEP

    6144:B0NMGv1CXJ7ATf6/5e2R98GDETSGhcTdzhSWa7OJ/thn/IyG8Fzk:BlGdICf6/5fvETSGhcTdzcWaAnAy0

Malware Config

Extracted

Family

redline

Botnet

1

C2

45.9.20.59:46287

Attributes
  • auth_value

    ec6ada170bcec2e72f0e1f3954547f73

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
