General

  • Target

    cf738ae7e48560593f80641cc1fd554340422eac36bb5c99b9b2b3376e1c1352

  • Size

    346KB

  • Sample

    241108-m4lxds1enq

  • MD5

    dca2cb5c9308864a7c27284b5c9faef5

  • SHA1

    0a7648319757500dac56f7fccce48b4edc8548c1

  • SHA256

    cf738ae7e48560593f80641cc1fd554340422eac36bb5c99b9b2b3376e1c1352

  • SHA512

    5a786d69af10faf2edd17e8408c667c94e05035e4c02958adbd8c3a9aa5712486283eb33c5257098ddf9653fce2b2ddbb1aa96e37bd2cdebcc9058b80033be9b

  • SSDEEP

    6144:6H2yHHfy3TH0WvNHC9PfNwB+Mqb7ITsqXigaa:6H2yHHfiTWPFwoMq7R

Malware Config

Extracted

  • Family

    redline

  • Botnet

    1

  • C2

    45.9.20.59:46287

  • Attributes

    • auth_value

      ec6ada170bcec2e72f0e1f3954547f73

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
