General

  • Target

    ff8ad6635677e3939a2cc8dfec1f8edab5c5bc555c05bb6bc67fb2198c3c95ca

  • Size

    438KB

  • Sample

    241108-pk33nsscrg

  • MD5

    ba11994090ea03583b410e8896df0a4b

  • SHA1

    2b9ec13c04122baba811e4e34c2d9a9cd0ddc0d9

  • SHA256

    ff8ad6635677e3939a2cc8dfec1f8edab5c5bc555c05bb6bc67fb2198c3c95ca

  • SHA512

    8fb64c75010edc265ce5f475f63dd86697c8fe8c6bc1b425b5fdc91fce787bcf060fd230c6f085e598094aa4f3955227910e8dcb22f2871db35f36a22faa9e54

  • SSDEEP

    12288:NEqMZp5yIZX2efc4zNUGgxPpTRSRjAHfi5nHTkoPASPQfo/t:R6pYMf5x7GoPAJQ

Malware Config

Extracted

  • Family

    redline

  • Botnet

    1

  • C2

    45.9.20.59:46287

Attributes
  • auth_value

    ec6ada170bcec2e72f0e1f3954547f73

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks