General

  • Target

    65ab44c8c99208d0acc8e19d7f9ee0db4ffb6d159f5b423509122a235a5bd154

  • Size

    423KB

  • Sample

    241108-l3t1yasqhj

  • MD5

    d982757662b3381be2277d885384cb25

  • SHA1

    1f88057649c0e6614c5c5b5053d7489fc21f17f8

  • SHA256

    65ab44c8c99208d0acc8e19d7f9ee0db4ffb6d159f5b423509122a235a5bd154

  • SHA512

    f87e0b00580cb9b1e0b14d863bee30b7bde83a77bed67619c37dc6291e4172d1e0026eefeb8664667de573e46237c3b79d243c9e1559b2f720d22984a3b16d32

  • SSDEEP

    6144:cMui5ObVmy+0LExccD4HOCL+qzPI1vCyuKkYi82Jzj6efYPV0p:GrLExjiOCyqzPI1vCyuKkBJzjL

Malware Config

Extracted

Family

redline

Botnet

1

C2

45.9.20.59:46287

Attributes
  • auth_value

    ec6ada170bcec2e72f0e1f3954547f73

Targets

    • Target

      65ab44c8c99208d0acc8e19d7f9ee0db4ffb6d159f5b423509122a235a5bd154

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks