General

  • Target

    31a9163b975d8f22aacf808df98708a803482e16607ad15a9db3e46de06178ce

  • Size

    425KB

  • Sample

    241109-y3wkzszrez

  • MD5

    414ba6b41664c0e973736f3d4a28fa06

  • SHA1

    84283c8f577d8a662bb20be751df48e93915a084

  • SHA256

    31a9163b975d8f22aacf808df98708a803482e16607ad15a9db3e46de06178ce

  • SHA512

    b81a8efa952f6d06720e517f6b1b514ef2d3bf14a8c0337b53162aab6bad4ce27f18f33ea4726c17b43edb30f33b064dec32635a4dae995e21204e3ff3cba911

  • SSDEEP

    6144:ZhEhUR7NXRNcctWZzL2SeCi+AkDG/Jl7kP6YYUayvLHHZlofiDP9LtQtyfWJ:ZhEhQ1MLm+ANxl7kP6YYUDvLXoEVLOy

Malware Config

Extracted

  • Family

    redline

  • Botnet

    bbtt1

  • C2

    212.193.30.196:13040

  • Attributes

      • auth_value

        fd6c3db35926ff1b33d500d0fb0ce060

Targets


    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks