General

  • Target

    94ddba01e81ce69824f6c2f9f55bc28f3e8c29ce938e6bd5f3ff7d5d3e9c96f5

  • Size

    302KB

  • Sample

    241108-n79nas1mcv

  • MD5

    f26fef54c1523ae89922b352766215b2

  • SHA1

    8c87fae40f618d240ad1b081e5bce63acc875deb

  • SHA256

    94ddba01e81ce69824f6c2f9f55bc28f3e8c29ce938e6bd5f3ff7d5d3e9c96f5

  • SHA512

    26b439e57cb6d65a7d2f181ab2d6467c354fa9c4b509833941457bbe7b0574a71a7291472816fbe25939c2dca191f1cf1e3cb13887ee626338e98a65cc242df4

  • SSDEEP

    3072:l8XLArFsh796WIYCt9ouTDXV1lIYNbMFjwBc5wbfRny9F4znqpN1tT+3QcxH2ocC:lpCTw9ouTDljIYpcwcgCm2Z7AiC6SQ

Malware Config

Extracted

  • Family

    redline

  • Botnet

    11

  • C2

    45.9.20.157:46257

  • Attributes

    • auth_value

      344c26d7f808f9c29e47633026f19aa5

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
