General

  • Target

    d15b32b51978defaf0683a19b487579e9572fa64264d9f641c85d0dca433c686

  • Size

    371KB

  • Sample

    241108-lkla3szgpm

  • MD5

    952b1d13a90d49dc0389a8c53a1abe6a

  • SHA1

    bb6a1f1d00434dec643743fa25024603055318f7

  • SHA256

    d15b32b51978defaf0683a19b487579e9572fa64264d9f641c85d0dca433c686

  • SHA512

    b686d9fd98925e4a196e1dbe842670f3d9d2b9db4f4b22f0e120bf3294d99fb264b94c6dee55d4c70ee4b7da09d2ec3428b63f9bcff8d47507b6bbe6e068c7fe

  • SSDEEP

    6144:YnhF/lqEwRXUPzi9sgiZo4nG6Wp39Ezb7ITsqXigaXwVfi:ohF/lN/z+wDnVimP7R

Malware Config

Extracted

Family

redline

Botnet

1

C2

45.9.20.59:46287

Attributes
  • auth_value

    ec6ada170bcec2e72f0e1f3954547f73

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
