General

  • Target

    bfad9a3b14cb2fb84878cd14ed2d10fd5d64b93481e75f73b1836203c13b59b6

  • Size

    285KB

  • Sample

    241109-xpjtlayrdz

  • MD5

    03aadc2e75f538e87540f6c4c1355345

  • SHA1

    a6560f418785d8485fc046f74692a3ee100bdba9

  • SHA256

    bfad9a3b14cb2fb84878cd14ed2d10fd5d64b93481e75f73b1836203c13b59b6

  • SHA512

    4c809e3773ed9b398bda6f3514bd7e4d532d299dd208256cac26a538fb538ede1710e8329eab88f916e68502c6ed3205e1e63f1c2b13a76cee4e3d054151cb20

  • SSDEEP

    6144:Vz4KD6R5nGuybuDHcRUqhkX4j2ZlKW0SfBOzrozeGjW:VMKD6f7HKUQkX5ySZOPoQ

Malware Config

Extracted

Family

redline

Botnet

271@2023

C2

77.73.133.62:22344

Attributes

  • auth_value

    1ee05d97bb1f23e9ac01ec6d1a5f1ffb

Targets

    • Target

      37be94f31f44632cac0a616918a2357dd322833b487eae1553bfb521734da39f.exe

    • Size

      389KB

    • MD5

      f835e213a04f00448d6641403506ced9

    • SHA1

      2c30f269e1cf8a1644adb9c21d0523dd929d407a

    • SHA256

      37be94f31f44632cac0a616918a2357dd322833b487eae1553bfb521734da39f

    • SHA512

      61b9f9cdb029d34a130ea21d427c9609a3a3dcda39042c8ef59151d5caf23766d7060958f2193b8d50e51629b636012a7d3fe61833f5765eb39b1669a5d2eeef

    • SSDEEP

      6144:+L7rB82Wjl3vKdqIfbAW2j5I6vPxBJwIqA7KZ4Q7u55u:+PVkKVbY9IqZBKd5Z4L/u

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks