General

  • Target

    8123815b579074508a20d704778085df8a9f6853858b6493a696d3d978b68d54

  • Size

    313KB

  • Sample

    241109-m12tfawkhq

  • MD5

    6fd3c2593f1a752775d728bceeda1526

  • SHA1

    6d412518b087505be852bb546f03b85c76ce03ba

  • SHA256

    8123815b579074508a20d704778085df8a9f6853858b6493a696d3d978b68d54

  • SHA512

    fd220a276cd20cc1b1591453656e4b6220595e7accf6d9ace787a2cd724bef8d0c15741c80a0819e4a8e7128311df2a065972cf93a8997d3309e1a93ff3fc969

  • SSDEEP

    6144:eUgLpjp90jrpL6sz42bqrJiZXU+lpEoZ2v3pCLT0mY0:eUg91qjrlJzCUZXU+7E3v5CLTJP

Malware Config

Extracted

Family

redline

Botnet

123

C2

78.153.144.3:2510

Attributes
  • auth_value

    cd6abb0af211bce081d7bf127cc26835

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks