General

  • Target

    4dbdaa938ad1681d72bc9a9337009d892946c78b8370d32d52c104da6e209836

  • Size

    302KB

  • Sample

    241108-n27lratrdm

  • MD5

    5960f0f1ddabb3eecbf6d53e4260ddfe

  • SHA1

    6b3dc7f5a05ffaa1eacf2da5867bfe961714a279

  • SHA256

    4dbdaa938ad1681d72bc9a9337009d892946c78b8370d32d52c104da6e209836

  • SHA512

    e6a7ba69ecd8314a4b7cf2e365b2544881b34b51c11c05364b336398cea94170e542927dabe0a78596297224c3d6907867dd8e476e1d5fb4a9e32f7012b1e2e8

  • SSDEEP

    3072:l8XLArFsh796WIYCt9ouTDXV1lIYNbMFjwBc5wbfRny9F4znqpN1tT+3QcxH2ocC:lpCTw9ouTDljIYpcwcgCm2Z7AiC6SQ

Malware Config

Extracted

Family

redline

Botnet

11

C2

45.9.20.157:46257

Attributes
  • auth_value

    344c26d7f808f9c29e47633026f19aa5

Targets

    • Target

      4dbdaa938ad1681d72bc9a9337009d892946c78b8370d32d52c104da6e209836

    • Size

      302KB

    • MD5

      5960f0f1ddabb3eecbf6d53e4260ddfe

    • SHA1

      6b3dc7f5a05ffaa1eacf2da5867bfe961714a279

    • SHA256

      4dbdaa938ad1681d72bc9a9337009d892946c78b8370d32d52c104da6e209836

    • SHA512

      e6a7ba69ecd8314a4b7cf2e365b2544881b34b51c11c05364b336398cea94170e542927dabe0a78596297224c3d6907867dd8e476e1d5fb4a9e32f7012b1e2e8

    • SSDEEP

      3072:l8XLArFsh796WIYCt9ouTDXV1lIYNbMFjwBc5wbfRny9F4znqpN1tT+3QcxH2ocC:lpCTw9ouTDljIYpcwcgCm2Z7AiC6SQ

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks