General

  • Target

    4fda2ede168f9a276e73f8e451e8eb16c5d6fa15c8229d97da641d83fe7da8f1

  • Size

    422KB

  • Sample

    241108-mcptzatjap

  • MD5

    6d6f03e8cfeea66feae5cf9ce75bfff6

  • SHA1

    2e6c9091797f2c1a65cb7858ac8a8978a6c879ae

  • SHA256

    4fda2ede168f9a276e73f8e451e8eb16c5d6fa15c8229d97da641d83fe7da8f1

  • SHA512

    92424448970b3f1261856e4a4d1fbf220dfc21f76c9504adee2e24b0e8583c93ddd7b4350591de97f5b6470b73f273acea654f3ed260a077a3b7d86f35a643fa

  • SSDEEP

    12288:snEt5YG/nn8LXObRBxF6fSoDJMeAZomw:snw/nCXObf6zNMGN

Malware Config

Extracted

  • Family

    redline

  • Botnet

    1

  • C2

    45.9.20.59:46287

  • Attributes

    auth_value: ec6ada170bcec2e72f0e1f3954547f73

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15
