General

  • Target

    48002b7f801f461a23d4cdd123b087d79d481bd3e0d9b7e05a7c36faa2a113bb

  • Size

    293KB

  • Sample

    241109-mecmes1rfs

  • MD5

    13029feb4c803fb379e5352c4cc1278b

  • SHA1

    1ec5c6a4c197c3a1d6a768860ff526ab093c1cce

  • SHA256

    48002b7f801f461a23d4cdd123b087d79d481bd3e0d9b7e05a7c36faa2a113bb

  • SHA512

    e0cd06d9a60abd077624ce541bacdb95e588da15ce1df743ba3c60b86dee1cd77d166254d19d0314865f7d955f330398c48eb0b7aa33dfe749b4f4f811576f21

  • SSDEEP

    6144:st4ELrrMBa2I+QoWfyJqdkUV+Nuzbgwu:st4EHrMBf1RWfyJqdkNunn

Malware Config

Extracted

Family

redline

Botnet

ww

C2

45.9.20.168:46257

Attributes

  • auth_value

    5a1b28ccd05953f5c3f99729c12427cc

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks