General

  • Target

    d7b788a31f90bf07880006901517b59217da3f18

  • Size

    313KB

  • Sample

    241109-2xwkkswrfm

  • MD5

    a20510c54a7749ca653da4fa52f3715e

  • SHA1

    d7b788a31f90bf07880006901517b59217da3f18

  • SHA256

    c190528fc830bf138cebc07dd1be62db82c5ddc2ff55120ca86b0c106cc4982e

  • SHA512

    1f4bb01c3a9f91d76fe5af7f3553e5171cce8e4c4ed66597cd7e3a06379ae09c0c7ba8f7e8e11215d631b3241bc28ae6a2aff202708331123952cdab6e2c5150

  • SSDEEP

    6144:eUgLpjp90jrpL6sz42bqrJiZXU+lpEoZ2v3pCLT0mY0:eUg91qjrlJzCUZXU+7E3v5CLTJP

Malware Config

Extracted

  • Family

    redline

  • Botnet

    123

  • C2

    78.153.144.3:2510

  • Attributes

      • auth_value

        cd6abb0af211bce081d7bf127cc26835

Targets

    • Target

      d7b788a31f90bf07880006901517b59217da3f18

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
