General

  • Target

    c007ecef228237d9a80edcb12749ccf2cc92c5252b83533a2abd39264b4e886e

  • Size

    293KB

  • Sample

    241109-mkyf3ssglp

  • MD5

    d8ec0bfe9752f52d4c8b6781b3cea2a5

  • SHA1

    1fa36715b41b60b2be61afcb16d7f6a4bc21608f

  • SHA256

    c007ecef228237d9a80edcb12749ccf2cc92c5252b83533a2abd39264b4e886e

  • SHA512

    b543e8ebcdc8556cd4f1b77e0e18c211a4ea4815b939746708ba96f8d80a2f36c47b440bcacd284d4c7a382da7933b44029e21f56f23edd4144d78afe9ec3ff4

  • SSDEEP

    6144:JL0WbINz35Zf9eCHBlO8gzx/PAqqVZ1KjEnL6nYen8g9uzbgwu:JQWb8fAgXO8IPAq+ZQj+6YeP9unn

Malware Config

Extracted

Family

redline

Botnet

ww

C2

45.9.20.168:46257

Attributes
  • auth_value

    5a1b28ccd05953f5c3f99729c12427cc

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
