General

  • Target

    ed024c526fdf875c00b05b0a7383d428

  • Size

    308KB

  • Sample

    241109-mdys9ssfln

  • MD5

    ed024c526fdf875c00b05b0a7383d428

  • SHA1

    399f64d95907d371d6b1022ad36bb8b0ff3a9471

  • SHA256

    48ba85d77eab7db65cfc42465c521554134717304bb16caeb3fd02df03338074

  • SHA512

    36291da9e6420afe43181aad30730edba29b5dc33a86f1c5c4bc032e6e52d17cb9f118319d77388d2188125cd5bc8c6a3a6e4ac71c5343e3e26a935164d37d67

  • SSDEEP

    6144:eUgLpjp90jrpL6sz42bqrJiZXU+lpEoZ2v3pCLT0mY0:eUg91qjrlJzCUZXU+7E3v5CLTJP

Malware Config

Extracted

Family

redline

Botnet

123

C2

78.153.144.3:2510

Attributes
  • auth_value

    cd6abb0af211bce081d7bf127cc26835
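
The extracted configuration above (C2 endpoint, botnet ID, auth_value) and the file hashes in the General section are the indicators a responder actually works with. The following is an added example, not part of the sandbox report and not RedLine's own code: it re-hashes a file and checks it against the listed digests, validates the `ip:port` C2 string and the SSDEEP hash format, and renders a minimal Suricata rule for outbound contact with the C2. The function names, the `REPORT_*` constants (transcribed from this page) and the rule `sid` are this example's own choices; the Suricata rule is a starting point for a ruleset, not a rule published by any vendor.

```python
import hashlib
import ipaddress

# Indicators transcribed from the report above (General and Malware Config).
REPORT_HASHES = {
    "md5": "ed024c526fdf875c00b05b0a7383d428",
    "sha1": "399f64d95907d371d6b1022ad36bb8b0ff3a9471",
    "sha256": "48ba85d77eab7db65cfc42465c521554134717304bb16caeb3fd02df03338074",
    "sha512": "36291da9e6420afe43181aad30730edba29b5dc33a86f1c5c4bc032e6e52d17cb"
              "9f118319d77388d2188125cd5bc8c6a3a6e4ac71c5343e3e26a935164d37d67",
}
REPORT_C2 = "78.153.144.3:2510"
REPORT_SSDEEP = "6144:eUgLpjp90jrpL6sz42bqrJiZXU+lpEoZ2v3pCLT0mY0:eUg91qjrlJzCUZXU+7E3v5CLTJP"


def hash_bytes(data: bytes) -> dict:
    """Digest a blob with the four algorithms the report lists, as lowercase hex."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORT_HASHES}


def hash_file(path: str, chunk_size: int = 1 << 20) -> dict:
    """Same as hash_bytes, but streams the file so large samples are not read whole."""
    hashers = {name: hashlib.new(name) for name in REPORT_HASHES}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def matches_report(digests: dict, expected: dict = REPORT_HASHES) -> dict:
    """Per-algorithm comparison. A partial match (e.g. only md5) means a digest was
    mistyped somewhere; all-False means you have a different file or a repacked variant."""
    return {name: digests.get(name, "").lower() == value.lower()
            for name, value in expected.items()}


def parse_c2(c2: str) -> tuple:
    """Split an 'ip:port' C2 string into (ip, port), rejecting malformed input."""
    host, sep, port = c2.rpartition(":")
    if not sep:
        raise ValueError(f"no port in C2 string: {c2!r}")
    ip = ipaddress.ip_address(host.strip("[]"))   # raises ValueError on junk
    port_num = int(port)
    if not 0 < port_num < 65536:
        raise ValueError(f"port out of range: {port_num}")
    return str(ip), port_num


def parse_ssdeep(value: str) -> tuple:
    """Split an ssdeep hash into (block_size, chunk, double_chunk).
    ssdeep block sizes are always 3 * 2**n, so anything else is a transcription error."""
    block, chunk, double_chunk = value.split(":")
    block_size = int(block)
    quotient = block_size // 3
    if block_size <= 0 or block_size % 3 or quotient & (quotient - 1):
        raise ValueError(f"implausible ssdeep block size {block_size}")
    return block_size, chunk, double_chunk


def suricata_rule(c2: str, sid: int, msg: str = "RedLine Stealer C2 contact") -> str:
    """Render a minimal Suricata rule for a new outbound TCP session to the C2.
    The sid is whatever your local ruleset allocates; 9000001 below is a placeholder."""
    ip, port = parse_c2(c2)
    return (f'alert tcp $HOME_NET any -> {ip} {port} '
            f'(msg:"{msg}"; flow:to_server,established; sid:{sid}; rev:1;)')


if __name__ == "__main__":
    import sys
    for path in sys.argv[1:]:
        print(path, matches_report(hash_file(path)))
    print(parse_ssdeep(REPORT_SSDEEP)[0], "byte ssdeep block size")
    print(suricata_rule(REPORT_C2, sid=9000001))
```

Run it as `python ioc_check.py sample.bin` to confirm you are holding the same file the report analysed before trusting the rest of the report's conclusions; the IP-based rule should be treated as short-lived, since RedLine operators rotate C2 endpoints.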

Targets

    • Target

      ed024c526fdf875c00b05b0a7383d428

    • Size

      308KB

    • RedLine

      RedLine Stealer is an information-stealing malware family written in C#, first appearing in early 2020. It harvests saved browser credentials, cookies, cryptocurrency wallets and system information and sends them to the C2 embedded in its configuration; the C2 address, botnet ID and auth_value shown under Malware Config are that embedded configuration as recovered from this sample.

    • RedLine payload

    • RedLine family

MITRE ATT&CK Enterprise v15

Tasks