General

  • Target: 2fff8301ce4c669901a1314f5f5fe07a
  • Size: 266KB
  • Sample: 241109-mal1asseqm
  • MD5: 2fff8301ce4c669901a1314f5f5fe07a
  • SHA1: 24123204183f46eba2f61cb0a8e5a01099b8ebb5
  • SHA256: b4a6734b6c77e47fdbc301d29e1da52231af6b8727f8d6ba63b34ba3406f0978
  • SHA512: 762db7ff74bfd06daabe96e1da09e8e9783217a6ddaea70b058c5cd625ab824027e1df8a8dd4e24c1900ecc161509811dd4e1c96bbf4b50f8a26b5ea61fb7a47
  • SSDEEP: 6144:rzusvgRpYnouN6kNKYHchyoh2lkNWeufFqDq3GSu3vul2i5Y:NAMVAYHchyhl+WeqUDUwW4i5Y

Malware Config

Extracted

  • Family: redline
  • Botnet: TO T GR
  • C2: 185.222.58.71:46944
  • Attributes
    • auth_value: 3eb89650d5a344210439a591d875ab90

Targets

  • Target: d83f915f1168157f84c6b533ec9fe4af1fe52f8e4d47720dbd7c3e1ba6b71e12.exe
  • Size: 395KB
  • MD5: 4a05503f38d90b67018f73456feda84f
  • SHA1: 7fbac3c07c2cf318d8962c3f96131a6344a0c6d9
  • SHA256: d83f915f1168157f84c6b533ec9fe4af1fe52f8e4d47720dbd7c3e1ba6b71e12
  • SHA512: a57c8de5a651c6188975f68603bcfce8ff7402bfb1408a45092ab1e0c93f1667f8d569f3a3e7c3f31dd8ca7e41189acdf6831392d4ff06fc859f36da9cb5a4d8
  • SSDEEP: 6144:k5U4v/7LarOKauR5k3zhfEaTziC4lcCPH2Bc5Bm0bFQO:+U4bIWu+zeC2Cyf3B
  • RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  • RedLine payload
  • Redline family
