General

  • Target: b02e208393420d1e36d8f9ed9381d10c1ef05e1fb690f978ef60deb015d1f04b
  • Size: 290KB
  • Sample: 241109-1bzjnssgkq
  • MD5: cc64f641f16e3531730d6de14eb263c4
  • SHA1: 6ea136a04787d20ad7e0a455df7a5f8d022f18f5
  • SHA256: b02e208393420d1e36d8f9ed9381d10c1ef05e1fb690f978ef60deb015d1f04b
  • SHA512: 8c64322831598e8eb8683a63e2505b0523bdd6116460828d5a2695f029161bed6e12192b9372173a985ab9bb11f069b4e8ac68587f818f94c696ead95504d47a
  • SSDEEP: 6144:hwRmAIzkqpRi9zyASGBfYTTnMtiAL18BY/X4FKGuhRgBqDXesjLPbAc:DthDi9zymNYTDmH8q/oFKMC3p

Malware Config

Extracted

  • Family: redline
  • Botnet: @2023@New
  • C2: 91.215.85.155:32796
  • Attributes
    • auth_value: 0be5b9b84cd5b707e91a48e341e3f7d7

Targets

    • Target: ec6b365881da027f48da21ae0be7e8ea8b0147956728197f560222bd492aefff
    • Size: 394KB
    • MD5: 616185f5c11303d38771b7a21acaefb1
    • SHA1: ba9b61720ffecc9b8c38e4efbe3e51a424cbb039
    • SHA256: ec6b365881da027f48da21ae0be7e8ea8b0147956728197f560222bd492aefff
    • SHA512: da1f081314b4a4cd301571d6ee55eb5a9e10a0856a1b28f61ffdf587355d6be7773601cceaa1dfd7f79f78843982dc401cb262a5da6990eba888748ef469db11
    • SSDEEP: 6144:sMcuGLGQ5lpRi9zyASGHfYTTnMHiALr8vY/X4F8d7f4VwdC8:1cLqElDi9zym/YTD+h8A/oF8dzO
    • RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
    • RedLine payload
    • Redline family

MITRE ATT&CK Enterprise v15

Tasks