General

  • Target

    1053ae39860dde92ccf54a110b75963d337ae7b9

  • Size

    317KB

  • Sample

    241109-2p3nxswqfl

  • MD5

    f1f539d92266c4569a468d53218b6fd3

  • SHA1

    1053ae39860dde92ccf54a110b75963d337ae7b9

  • SHA256

    db510ea5e0b879a9bd1c393e26f748f4653143801c12d2034f83d063078caaf3

  • SHA512

    061e81ddb2afdf0e919711ddcac395b1f171e0e681492944387916386c499d5ca749a005f2d9138a0ea80c0d348acaf0d113ccd84a5bf8dbf360ba69b732c5b2

  • SSDEEP

    6144:eUgLpjp90jrpL6sz42bqrJiZXU+lpEoZ2v3pCLT0mY0:eUg91qjrlJzCUZXU+7E3v5CLTJP

Malware Config

Extracted

Family

redline

Botnet

123

C2

78.153.144.3:2510

Attributes
  • auth_value

    cd6abb0af211bce081d7bf127cc26835
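The extracted config above yields one network indicator (the C2 at 78.153.144.3:2510) and the General section gives the file hashes that identify this exact sample. The following Python is an added triage helper, not part of this report and not any sandbox's own tooling: it verifies a file against the reported digests (treating any mismatch as "not this sample") and scans Zeek-style conn.log rows for flows to the C2. The column order assumed for the log rows is Zeek's default conn.log layout (an assumption), and the rows embedded below are constructed for the example, not real telemetry.

```python
"""Added triage helper (not part of the sandbox report above).

Checks local bytes against the hashes in the report and scans Zeek-style
conn.log rows for the extracted RedLine C2 (78.153.144.3:2510).
"""
import hashlib
from typing import Iterable, List, Tuple

# Indicators copied from the report above.
SAMPLE_HASHES = {
    "md5": "f1f539d92266c4569a468d53218b6fd3",
    "sha1": "1053ae39860dde92ccf54a110b75963d337ae7b9",
    "sha256": "db510ea5e0b879a9bd1c393e26f748f4653143801c12d2034f83d063078caaf3",
    "sha512": "061e81ddb2afdf0e919711ddcac395b1f171e0e681492944387916386c499d5c"
              "a749a005f2d9138a0ea80c0d348acaf0d113ccd84a5bf8dbf360ba69b732c5b2",
}
C2_HOST, C2_PORT = "78.153.144.3", 2510


def hash_matches(data: bytes) -> dict:
    """Return, per algorithm, whether the digest of `data` equals the reported one."""
    return {
        algo: hashlib.new(algo, data).hexdigest() == digest
        for algo, digest in SAMPLE_HASHES.items()
    }


def is_sample(data: bytes) -> bool:
    """True only if every reported digest matches; one mismatch means a different file."""
    return all(hash_matches(data).values())


def find_c2_connections(conn_log_lines: Iterable[str]) -> List[Tuple[str, str, str, int]]:
    """Return (ts, src, dst, dport) for every flow to the extracted C2 host:port.

    Assumption: rows are tab-separated in Zeek's default conn.log order
    (ts, uid, id.orig_h, id.orig_p, id.resp_h, id.resp_p, ...). Header and
    comment rows (starting with '#') are skipped.
    """
    hits = []
    for line in conn_log_lines:
        if not line or line.startswith("#"):
            continue
        fields = line.rstrip("\n").split("\t")
        if len(fields) < 6:
            continue  # malformed row, ignore rather than crash a batch run
        ts, _uid, src, _sport, dst, dport = fields[:6]
        if dst == C2_HOST and dport.isdigit() and int(dport) == C2_PORT:
            hits.append((ts, src, dst, int(dport)))
    return hits


# Constructed rows for the example (not real telemetry). Only the second
# data row is a true hit: the third row reaches the C2 host on another port.
SAMPLE_CONN_LOG = (
    "#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto\n"
    "1731190000.1\tCabc1\t10.0.0.5\t49811\t142.250.74.78\t443\ttcp\n"
    "1731190003.4\tCabc2\t10.0.0.5\t49812\t78.153.144.3\t2510\ttcp\n"
    "1731190005.9\tCabc3\t10.0.0.7\t53112\t78.153.144.3\t443\ttcp\n"
).splitlines()


if __name__ == "__main__":
    for ts, src, dst, dport in find_c2_connections(SAMPLE_CONN_LOG):
        print(f"{ts} {src} -> {dst}:{dport}  RedLine C2 (botnet 123)")
    print("dummy bytes match the reported sample:", is_sample(b"not the sample"))
```

Matching on the full host:port pair keeps the hunt tied to the extracted config; if you widen it to the host alone, expect to triage unrelated flows as well, as the constructed third row illustrates.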

Targets

    • Target

      1053ae39860dde92ccf54a110b75963d337ae7b9

    • Size

      317KB

    • MD5

      f1f539d92266c4569a468d53218b6fd3

    • SHA1

      1053ae39860dde92ccf54a110b75963d337ae7b9

    • SHA256

      db510ea5e0b879a9bd1c393e26f748f4653143801c12d2034f83d063078caaf3

    • SHA512

      061e81ddb2afdf0e919711ddcac395b1f171e0e681492944387916386c499d5ca749a005f2d9138a0ea80c0d348acaf0d113ccd84a5bf8dbf360ba69b732c5b2

    • SSDEEP

      6144:eUgLpjp90jrpL6sz42bqrJiZXU+lpEoZ2v3pCLT0mY0:eUg91qjrlJzCUZXU+7E3v5CLTJP

    • RedLine

      RedLine Stealer is an information-stealing malware family written in C# (.NET), first seen in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks