General

  • Target

    51c5f47e3713fab760f097ff7ef28b8849ffae2d8e319cdc660fcfdca1196352

  • Size

    425KB

  • Sample

    241109-1w181atbrk

  • MD5

    8f0b44f5221edb4de2360c9bc691a393

  • SHA1

    38d0a8e10818af5a7741d6717bf4b1302c664589

  • SHA256

    51c5f47e3713fab760f097ff7ef28b8849ffae2d8e319cdc660fcfdca1196352

  • SHA512

    fcbd24202dc4fd4acc3af546fd2ffe2af9d406721481b48861a42390eaf8854b6dfb14f39cda324ff7c6844bdf73204494fadc3e2657268a8113a1f3d0ca6ab5

  • SSDEEP

    6144:ZhEhUR7NXRNcctWZzL2SeCi+AkDG/Jl7kP6YYUayvLHHZlofiDP9LtQtyfWJ:ZhEhQ1MLm+ANxl7kP6YYUDvLXoEVLOy

Malware Config

Extracted

Family

redline

Botnet

bbtt1

C2

212.193.30.196:13040

Attributes
  • auth_value

    fd6c3db35926ff1b33d500d0fb0ce060

Targets


    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
