General

  • Target

    831f97d5a2f5a9cd50defa160669ae2b6872346fc06c41bbc981edf15193f357

  • Size

    51KB

  • Sample

    241109-1wt5patbnh

  • MD5

    3ed98aaf3419c8cd27ae2a93e91cc97e

  • SHA1

    27a4dd86a63c66caa4224cdf18af00dd199a6e76

  • SHA256

    831f97d5a2f5a9cd50defa160669ae2b6872346fc06c41bbc981edf15193f357

  • SHA512

    6f04fcbf79208f731707948c6451ed004fab02bed12692f40d05423a2323c87f6a1fe74ce431b08fbe32104aa193fe573a3fb5fad7b24c7e6b371aa2d4c9bb7a

  • SSDEEP

    1536:BouPTlWk9khAqTlF+wBqIKnRF/crbTIxX:B3PJWkq5JF+wIL0rbGX

Malware Config

  Extracted

  • Family

    redline

  • Botnet

    nado

  • C2

    176.113.115.145:4125

  • Attributes

      • auth_value

        a648e365d8e0df895a84152ad68ffc56

Targets

    • Target

      fee485aa5d8bbbf49de9a795e53f2dd8c41d23eba0c606968cd013e997098f47

    • Size

      175KB

    • MD5

      9266ee21291fbf9bfa7fba9c0511f286

    • SHA1

      965029234ad1a447a3cbe433e228647521b38696

    • SHA256

      fee485aa5d8bbbf49de9a795e53f2dd8c41d23eba0c606968cd013e997098f47

    • SHA512

      a288d5fd10bd335c78495333b683669df56e62171cb9a83782716fe9f9dcaf6231c293b43ff2d6b890e270cf00f7394b5ddd668c0b5d5307b959c2811b22ae4d

    • SSDEEP

      3072:yxqZWFFa7E6T825De559yhGfxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOuw+cO:gqZcMUyh

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
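
As an added example, not part of the sandbox report, the script below turns the indicators above into a small hunting tool: it hashes a file with the four algorithms the report lists and looks the digests up against the hashes of both the 51KB sample and the 175KB target, and it scans Zeek conn.log-style records for the extracted C2 176.113.115.145:4125, reporting connections to the C2 host on some other port separately from exact host:port hits. The conn.log lines are constructed for the example, and the labels "51KB sample" and "175KB target" are this example's own names for the two hashed objects.

```python
"""Match a file and a connection log against the RedLine IOCs in this report."""
import hashlib
import ipaddress
from typing import Dict, List, Optional, Tuple

# File-hash IOCs copied from the report: the 51KB submitted sample and the
# 175KB target flagged by the "RedLine payload" signature. The labels are
# this example's own names for the two objects.
HASH_IOCS: Dict[str, str] = {
    "3ed98aaf3419c8cd27ae2a93e91cc97e": "51KB sample",
    "27a4dd86a63c66caa4224cdf18af00dd199a6e76": "51KB sample",
    "831f97d5a2f5a9cd50defa160669ae2b6872346fc06c41bbc981edf15193f357": "51KB sample",
    "9266ee21291fbf9bfa7fba9c0511f286": "175KB target",
    "965029234ad1a447a3cbe433e228647521b38696": "175KB target",
    "fee485aa5d8bbbf49de9a795e53f2dd8c41d23eba0c606968cd013e997098f47": "175KB target",
}

# C2 endpoint from the extracted config, keyed as (host, port).
C2_IOCS: Dict[Tuple[str, int], str] = {
    ("176.113.115.145", 4125): "redline botnet 'nado'",
}

DIGEST_ALGOS = ("md5", "sha1", "sha256", "sha512")


def digest_bytes(data: bytes) -> Dict[str, str]:
    """Return lower-case hex digests for the four algorithms the report lists."""
    return {algo: hashlib.new(algo, data).hexdigest() for algo in DIGEST_ALGOS}


def match_hashes(digests: Dict[str, str]) -> List[Tuple[str, str, str]]:
    """Look each digest up in HASH_IOCS; returns (algorithm, hex, label) hits."""
    hits = []
    for algo, hexval in digests.items():
        label = HASH_IOCS.get(hexval.lower())
        if label is not None:
            hits.append((algo, hexval.lower(), label))
    return hits


def scan_file(path: str) -> List[Tuple[str, str, str]]:
    """Hash a file on disk and report any IOC hits."""
    with open(path, "rb") as fh:
        return match_hashes(digest_bytes(fh.read()))


def parse_conn_line(line: str) -> Optional[dict]:
    """Parse one tab-separated Zeek conn.log-style record with the columns
    ts, uid, id.orig_h, id.orig_p, id.resp_h, id.resp_p, proto.
    Returns None for comment/header lines, short lines, or a responder
    field that is not an IP address or a numeric port."""
    if not line or line.startswith("#"):
        return None
    fields = line.rstrip("\n").split("\t")
    if len(fields) < 7:
        return None
    ts, uid, orig_h, orig_p, resp_h, resp_p, proto = fields[:7]
    try:
        ipaddress.ip_address(resp_h)
        port = int(resp_p)
    except ValueError:
        return None
    return {"ts": ts, "uid": uid, "orig_h": orig_h, "orig_p": orig_p,
            "resp_h": resp_h, "resp_p": port, "proto": proto}


def scan_conn_log(text: str) -> Dict[str, List[dict]]:
    """Split hits into exact host:port matches and host-only matches. A
    connection to the C2 address on another port is worth a look but is
    weaker evidence, since the same IP may host unrelated services."""
    hits: Dict[str, List[dict]] = {"exact": [], "host_only": []}
    c2_hosts = {host for host, _ in C2_IOCS}
    for line in text.splitlines():
        rec = parse_conn_line(line)
        if rec is None:
            continue
        if (rec["resp_h"], rec["resp_p"]) in C2_IOCS:
            hits["exact"].append(rec)
        elif rec["resp_h"] in c2_hosts:
            hits["host_only"].append(rec)
    return hits


# Constructed conn.log-style records for the example (not real telemetry):
# one exact C2 hit, one unrelated HTTPS connection, one host-only hit.
SAMPLE_CONN_LOG = (
    "#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto\n"
    "1731196800.001\tCx1a\t10.0.0.15\t51322\t176.113.115.145\t4125\ttcp\n"
    "1731196801.412\tCx1b\t10.0.0.15\t51323\t93.184.216.34\t443\ttcp\n"
    "1731196802.900\tCx1c\t10.0.0.22\t51324\t176.113.115.145\t80\ttcp\n"
)

if __name__ == "__main__":
    import sys
    for path in sys.argv[1:]:
        for algo, hexval, label in scan_file(path):
            print(f"{path}: {algo} {hexval} matches {label}")
    result = scan_conn_log(SAMPLE_CONN_LOG)
    for rec in result["exact"]:
        print(f"C2 hit: {rec['orig_h']} -> {rec['resp_h']}:{rec['resp_p']} uid={rec['uid']}")
    for rec in result["host_only"]:
        print(f"C2 host only: {rec['orig_h']} -> {rec['resp_h']}:{rec['resp_p']} uid={rec['uid']}")
```

Run it as `python redline_iocs.py <file>` to hash a suspect file; the conn.log scan runs over the constructed records either way. The two SSDEEP values in the report are not covered, because fuzzy hashing is not in the standard library; the `ssdeep` binding or the pure-Python `ppdeep` package can compare a file against them. Exact digests only catch byte-identical copies, which is why the C2 endpoint from the extracted config is the more durable indicator for network detection.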

MITRE ATT&CK Enterprise v15
