General

  • Target

    9b5bd2cabbe50b90230166d48acea2673c5b1776cb98a2bfbc497a16c5022cd9N

  • Size

    354KB

  • Sample

    241109-mg1r2asgjb

  • MD5

    6ee900c12bc6b1c79ff87ad0229300a0

  • SHA1

    02cacf40fbc64777570d7495d15e41d7c21fb9b7

  • SHA256

    9b5bd2cabbe50b90230166d48acea2673c5b1776cb98a2bfbc497a16c5022cd9

  • SHA512

    1e94a4b8fcf362b0e412e3ae59ade61f9f8aee11ca05d0fe565b629844130ac5f2fdc327ab5f72db8845e98c1cc327299f1132a40ba183f713906f956897493d

  • SSDEEP

    6144:Yrx/0CgkAuhC5f972TueBTeM7MTEDwZxB/1tr14najww:8x/akAF5l7Sf7+E8ZxR/Wn4

Malware Config

Extracted

  • Family

    redline

  • Botnet

    rosn

  • C2

    176.113.115.145:4125

  • Attributes

    • auth_value

      050a19e1db4d0024b0f23b37dcf961f4

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
