General

  • Target

    b05b7be6a16f273f7911d93308472bf56a2a23babc2a0dbfa514e79def1ebece

  • Size

    293KB

  • Sample

    241109-mk71hssgnf

  • MD5

    7996ff8c55d25671994e0d800822f128

  • SHA1

    a7a285292601368ad8ae30f4a81a29c9b5b59f6b

  • SHA256

    b05b7be6a16f273f7911d93308472bf56a2a23babc2a0dbfa514e79def1ebece

  • SHA512

    356d747d65100cb1f94f267b23b3f3b4729f2decad92fc9e2cce7ee27ab68ca6d952f90bb643fb23bf2ecaaa91ba3abcb54647d171fd695bc2e3e6096991f3c2

  • SSDEEP

    6144:JL0WbINz35Zf9eCHBlO8gzx/PAqqVZ1KjEnL6nYen8g9uzbgwu:JQWb8fAgXO8IPAq+ZQj+6YeP9unn

Malware Config

Extracted

Family

redline

Botnet

ww

C2

45.9.20.168:46257

Attributes
  • auth_value

    5a1b28ccd05953f5c3f99729c12427cc

Targets

    • Target

      b05b7be6a16f273f7911d93308472bf56a2a23babc2a0dbfa514e79def1ebece

    • Size

      293KB

    • MD5

      7996ff8c55d25671994e0d800822f128

    • SHA1

      a7a285292601368ad8ae30f4a81a29c9b5b59f6b

    • SHA256

      b05b7be6a16f273f7911d93308472bf56a2a23babc2a0dbfa514e79def1ebece

    • SHA512

      356d747d65100cb1f94f267b23b3f3b4729f2decad92fc9e2cce7ee27ab68ca6d952f90bb643fb23bf2ecaaa91ba3abcb54647d171fd695bc2e3e6096991f3c2

    • SSDEEP

      6144:JL0WbINz35Zf9eCHBlO8gzx/PAqqVZ1KjEnL6nYen8g9uzbgwu:JQWb8fAgXO8IPAq+ZQj+6YeP9unn

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks