General

  • Target

    91a9b80a3228e37444e9a4f71afff41610b00f82

  • Size

    314KB

  • Sample

    241109-2bx7aawpcn

  • MD5

    90bed121934ec8eca921c126cd40f46d

  • SHA1

    91a9b80a3228e37444e9a4f71afff41610b00f82

  • SHA256

    5e9f641be090adbc1facecb296a18e7445bc1dcdd5759163098c7cbabe6ee2fd

  • SHA512

    05d09fe5b3cbec46d4e02e573ecad6dba86289d23fca6f021c20ea597c934d7a7d93bf26fb4a45a5fa458566fdb594a230f73451b2025ffd22f050e4a3c21db5

  • SSDEEP

    6144:eUgLpjp90jrpL6sz42bqrJiZXU+lpEoZ2v3pCLT0mY0:eUg91qjrlJzCUZXU+7E3v5CLTJP

Malware Config

Extracted

Family

redline

Botnet

123

C2

78.153.144.3:2510

Attributes
  • auth_value

    cd6abb0af211bce081d7bf127cc26835

Targets

    • Target

      91a9b80a3228e37444e9a4f71afff41610b00f82

    • Size

      314KB

    • MD5

      90bed121934ec8eca921c126cd40f46d

    • SHA1

      91a9b80a3228e37444e9a4f71afff41610b00f82

    • SHA256

      5e9f641be090adbc1facecb296a18e7445bc1dcdd5759163098c7cbabe6ee2fd

    • SHA512

      05d09fe5b3cbec46d4e02e573ecad6dba86289d23fca6f021c20ea597c934d7a7d93bf26fb4a45a5fa458566fdb594a230f73451b2025ffd22f050e4a3c21db5

    • SSDEEP

      6144:eUgLpjp90jrpL6sz42bqrJiZXU+lpEoZ2v3pCLT0mY0:eUg91qjrlJzCUZXU+7E3v5CLTJP

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks