General

  • Target

    e7d91e01995014e4683da8a25e16a4774c5f9460bcdfcb1346dcb78d281f9f82

  • Size

    422KB

  • Sample

    241108-pwx1ssseke

  • MD5

    55958fb652b76f983212f88a2859c34a

  • SHA1

    11636178d3d4461792d11161c1ca2913e127b5da

  • SHA256

    e7d91e01995014e4683da8a25e16a4774c5f9460bcdfcb1346dcb78d281f9f82

  • SHA512

    f327016bc79cbef3530c243c03602b3c7b454b133605425e328ac4b5ac53c47e65804c4bd1b04b82d4ce7a17ba0263e9c0b408565d450600b6a2b80bf9a26532

  • SSDEEP

    12288:snEt5YG/nn8LXObRBxF6fSoDJMeAZomw:snw/nCXObf6zNMGN

Malware Config

Extracted

Family

redline

Botnet

1

C2

45.9.20.59:46287

Attributes
  • auth_value

    ec6ada170bcec2e72f0e1f3954547f73

Targets

    • Target

      e7d91e01995014e4683da8a25e16a4774c5f9460bcdfcb1346dcb78d281f9f82

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
