General

  • Target

    e8812ad803fef7f8437cced403b42c140685d1ead192d6f24b609f197d68da51

  • Size

    371KB

  • Sample

    241109-nd9q7stcpb

  • MD5

    359849cfd3936fe5925151c1de6ddec7

  • SHA1

    8215015b416dd9407282a1ab85d87369bf95d319

  • SHA256

    e8812ad803fef7f8437cced403b42c140685d1ead192d6f24b609f197d68da51

  • SHA512

    ed6f5641ba93308a05779fb61766a709618ad823377e58966ffc6c29999d4d629d339e951c464e5cf3de8d8c25333e569a10554e8463ef3f18af46d0ecbac0b6

  • SSDEEP

    6144:K5T6cP+DC7WJrK3tg4LobitExnGRZyodb7ITsqXigaXwVfh:K5T6cEKWJMW7GR5h7R

Malware Config

Extracted

Family

redline

Botnet

1

C2

45.9.20.59:46287

Attributes
  • auth_value

    ec6ada170bcec2e72f0e1f3954547f73

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
