General

  • Target

    78756d66ba2d22f51586cd8ecb8641b8c13ee8b8

  • Size

    402KB

  • Sample

    241108-l9haqasrfm

  • MD5

    2a2b6bb848a5c68ad189cd3cab07931b

  • SHA1

    78756d66ba2d22f51586cd8ecb8641b8c13ee8b8

  • SHA256

    a9f024d0385e88a7338783b91f0e62130b851792339bfd1680d5e0458d834981

  • SHA512

    9c76d8a47f1c3e9bb639284ee4345b906b9a300fbe9f2e12640d809e75a1a0d4741566d38d7a2d7cbc789cdee9f5e1d50229a721a13d07555b1aeec1c5b0fe27

  • SSDEEP

    6144:R3+E5eZOkpmuvVXWHr1MkvfpNfsyhguZxFBoJerN:5+EqOk4uoL1bynFJerN

Malware Config

Extracted

Family

redline

Botnet

SEWPALPADIN

C2

45.9.20.111:1355

Attributes
  • auth_value

    8ca76b3bc579d0d08c2ac1a429d4f5a0

Targets

    • Target

      78756d66ba2d22f51586cd8ecb8641b8c13ee8b8

    • Size

      402KB

    • MD5

      2a2b6bb848a5c68ad189cd3cab07931b

    • SHA1

      78756d66ba2d22f51586cd8ecb8641b8c13ee8b8

    • SHA256

      a9f024d0385e88a7338783b91f0e62130b851792339bfd1680d5e0458d834981

    • SHA512

      9c76d8a47f1c3e9bb639284ee4345b906b9a300fbe9f2e12640d809e75a1a0d4741566d38d7a2d7cbc789cdee9f5e1d50229a721a13d07555b1aeec1c5b0fe27

    • SSDEEP

      6144:R3+E5eZOkpmuvVXWHr1MkvfpNfsyhguZxFBoJerN:5+EqOk4uoL1bynFJerN

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks