General

  • Target

    02d5440b2157267c7ee21cb27a5061660f5daf9ecf2a879386598a73b072f5ed

  • Size

    297KB

  • Sample

    241108-r1ca1atgqn

  • MD5

    5eb5543a980e74d9b5955bfb8a6c82b6

  • SHA1

    4143bf9ec96598a210fabf33e2cdbe3c11d8c3ae

  • SHA256

    02d5440b2157267c7ee21cb27a5061660f5daf9ecf2a879386598a73b072f5ed

  • SHA512

    0d5d8117315646122c6342f88f46614b177c1c9183f207c52f4bf35319584828229929ca5994803ae793b09b09eccf4fc48451c8ca8cab63d14ca56a9df42d93

  • SSDEEP

    6144:bHX+iXvoPGKN3MYAXcK6YWo2mYLVe2PRy6u802JJs:b3+iXvoPoYISTLVHZy6zJ

Malware Config

Extracted

  • Family

    redline

  • Botnet

    1

  • C2

    45.9.20.59:46287

  • Attributes

      • auth_value

        ec6ada170bcec2e72f0e1f3954547f73

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
