General

  • Target

    a8c90c23f9cb2ab2e352eb27be111e9d0f41056bd2192f367f83b50973e17403

  • Size

    394KB

  • Sample

    241108-qb2nxsvqbk

  • MD5

    69dd00faeea1a8ccf7d9c177fa0b2e6a

  • SHA1

    ae471c0e22fd7f0b26b2a6584189cec2c5f277b7

  • SHA256

    a8c90c23f9cb2ab2e352eb27be111e9d0f41056bd2192f367f83b50973e17403

  • SHA512

    8c71fd593223feabf8f77a22fe6695d106ab6cc59654986ed956105aaf3613bb165c99e971b6dbfef9bd3fd878f910ccafa8585a489ebf9aa1fb17d0302b26c2

  • SSDEEP

    6144:4YodGDQYA+HaNjx2LYs6R0u3JmpsiKBn8uzbgwu6L7ITsqSigaTwVfV:4YodGDqBXG6jJispBn8unnn7s

Malware Config

Extracted

  • Family

    redline

  • Botnet

    1

  • C2

    45.9.20.59:46287

  • Attributes

      • auth_value

        ec6ada170bcec2e72f0e1f3954547f73

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
