General

  • Target: a096a5e57f2f32b6409d503ef8e85876f2d69335b8dde082814fe2c16b68edf2
  • Size: 325KB
  • Sample: 241109-xnsecazfmn
  • MD5: 807135213c4ebfd03d9193e34f411716
  • SHA1: c324789895b938341e9f2a63528a3049165f8f3e
  • SHA256: a096a5e57f2f32b6409d503ef8e85876f2d69335b8dde082814fe2c16b68edf2
  • SHA512: 3809ea49b48e2d2525e2964bb7fd6cff0abbf9837eda727d190972ec4f38c14278835e1f3c92901005dbcc516468fbe4b92f54c3a6a706f9270ac8c7add2e5ad
  • SSDEEP: 6144:4kQuOSvy0tyg9E4rCRf9DX6E0ZYYIvNyEm8N:49uOSvy+RC+EOxIvgEm

Malware Config

Extracted

  • Family: redline
  • Botnet: TripleSBanks
  • C2: 185.143.223.90:10024
  • Attributes
    • auth_value: 064872fe393e6f3a6d60eca59269d528

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
