General

  • Target

    55632d5e82c54b56d9085a2a06a8c5c42f3057376424da349124243725c0fe57

  • Size

    438KB

  • Sample

    241108-rqfknstemd

  • MD5

    0ff81b87e18689a9ba5dfbfd35ff1b35

  • SHA1

    c1512fb7c499a9a339c94a2c177f1ac40f527d36

  • SHA256

    55632d5e82c54b56d9085a2a06a8c5c42f3057376424da349124243725c0fe57

  • SHA512

    9ad7ad5d78c6c2df654967b2ead50db12e79286e22b7cbfb9df97c19ec856c9bf48c70b640fa981e21b0eacd89ea3fe8f1ac463e0764c1d8448f8aaa705c7934

  • SSDEEP

    12288:wqkdKtC4xiAqjop8iDPRSRjAHzi5nHbZRK8nPyy3eBPno:1cqxx1p8LK8KQc

Malware Config

Extracted

Family

redline

Botnet

1

C2

45.9.20.59:46287

Attributes
  • auth_value

    ec6ada170bcec2e72f0e1f3954547f73

Targets

    • Target

      55632d5e82c54b56d9085a2a06a8c5c42f3057376424da349124243725c0fe57

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
