General

  • Target

    a356d508dd945f4e7e857b29d527244794bcce59b1a2e4b57312d1695a7dae49

  • Size

    1.4MB

  • Sample

    241109-y6pxls1gpd

  • MD5

    fba6d78fc9d1581669d47ef7c0ca7019

  • SHA1

    975749e29f8f3a664ff935899e869426146ef63c

  • SHA256

    a356d508dd945f4e7e857b29d527244794bcce59b1a2e4b57312d1695a7dae49

  • SHA512

    476f8d3c758578b3d5096408850dcaac1aa88013115de0619873bf79adcdcce304ce76d56cf58e57a094507b4c7f5f9ec71dcda13534d3999c3daaf4e97a4214

  • SSDEEP

    24576:xyOKTshBYyckkKhlZDVecr8AhfHq/81XkVvCp17TFQAQwxod:kOKw/BDDYcZfHM81XkV6pzQp

Malware Config

Extracted

Family

redline

Botnet

most

C2

185.161.248.73:4164

Attributes
  • auth_value

    7da4dfa153f2919e617aa016f7c36008
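The indicators above (the file hashes, the C2 socket and the RedLine auth_value) are only useful once they are turned into checks. The script below is an added example and is not part of the sandbox report: it copies the report's hashes, C2 address and auth_value as constants, verifies a file against the hash set, scans connection-log lines for traffic to the C2 and searches a memory-dump fragment for the auth_value. The log-line format, the log lines themselves and the dump fragment are constructed for the demonstration, not taken from the report or from any real capture.

```python
"""Match the IOCs from this RedLine report against local artifacts (added example)."""
import hashlib
import re

# Indicators copied verbatim from the report above.
REPORT_HASHES = {
    "md5": "fba6d78fc9d1581669d47ef7c0ca7019",
    "sha1": "975749e29f8f3a664ff935899e869426146ef63c",
    "sha256": "a356d508dd945f4e7e857b29d527244794bcce59b1a2e4b57312d1695a7dae49",
    "sha512": "476f8d3c758578b3d5096408850dcaac1aa88013115de0619873bf79adcdcce3"
              "04ce76d56cf58e57a094507b4c7f5f9ec71dcda13534d3999c3daaf4e97a4214",
}
C2_HOST, C2_PORT = "185.161.248.73", 4164
AUTH_VALUE = "7da4dfa153f2919e617aa016f7c36008"

HASHERS = {"md5": hashlib.md5, "sha1": hashlib.sha1,
           "sha256": hashlib.sha256, "sha512": hashlib.sha512}


def hash_bytes(data):
    """Return the md5/sha1/sha256/sha512 hex digests of an in-memory blob."""
    return {name: fn(data).hexdigest() for name, fn in HASHERS.items()}


def hash_file(path, chunk=1 << 20):
    """Hash a file on disk in 1 MiB chunks so large droppers do not need to fit in memory."""
    hashers = {name: fn() for name, fn in HASHERS.items()}
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            for h in hashers.values():
                h.update(block)
    return {name: h.hexdigest() for name, h in hashers.items()}


def match_hashes(digests):
    """Names of the report hashes that the given digests match; any hit is the same file."""
    return sorted(name for name in HASHERS if digests.get(name) == REPORT_HASHES[name])


# Constructed connection-log format (assumption, not a real product's format):
#   "<timestamp> <src_ip>:<src_port> -> <dst_ip>:<dst_port> <proto>"
LOG_RE = re.compile(
    r"^(?P<ts>\S+) (?P<src>\S+?):(?P<sport>\d+) -> (?P<dst>\S+?):(?P<dport>\d+) (?P<proto>\S+)$"
)


def find_c2_connections(lines):
    """Flag connections to the C2 host.

    An exact IP:port match is the extracted C2 socket ("exact"); traffic to the
    same IP on another port is still worth a look, because operators rotate
    ports on the same server, so it is reported with lower confidence ("ip-only").
    """
    hits = []
    for line in lines:
        m = LOG_RE.match(line.strip())
        if not m or m["dst"] != C2_HOST:
            continue
        dport = int(m["dport"])
        hits.append({
            "ts": m["ts"],
            "src": f"{m['src']}:{m['sport']}",
            "dport": dport,
            "confidence": "exact" if dport == C2_PORT else "ip-only",
        })
    return hits


def find_auth_value(blob):
    """Report which encodings of the auth_value occur in a memory-dump blob.

    RedLine is a .NET binary, and .NET keeps string objects as UTF-16LE, so a
    dump of the running stealer usually carries the wide form rather than ASCII.
    """
    needles = (("ascii", AUTH_VALUE.encode("ascii")),
               ("utf-16le", AUTH_VALUE.encode("utf-16-le")))
    return [name for name, needle in needles if needle in blob]


# Constructed inputs for the demonstration (not real telemetry).
SAMPLE_LOG = """\
2024-11-09T14:02:11Z 10.0.0.15:49821 -> 185.161.248.73:4164 tcp
2024-11-09T14:02:12Z 10.0.0.15:49822 -> 142.250.74.78:443 tcp
2024-11-09T14:03:40Z 10.0.0.22:51001 -> 185.161.248.73:443 tcp
2024-11-09T14:05:02Z 10.0.0.15:49830 -> 185.161.248.73:4164 tcp
""".splitlines()
DUMP_FRAGMENT = b"\x00" * 8 + AUTH_VALUE.encode("utf-16-le") + b"\x00" * 8

if __name__ == "__main__":
    print("hash matches for a non-sample blob:", match_hashes(hash_bytes(b"not the sample")))
    for hit in find_c2_connections(SAMPLE_LOG):
        print("C2 hit:", hit)
    print("auth_value encodings in dump fragment:", find_auth_value(DUMP_FRAGMENT))
```

Run it against a real file with `match_hashes(hash_file(path))`; a single matching digest is enough to confirm the sample, and ssdeep is deliberately left out because it needs a third-party library and only gives similarity, not identity.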

Targets

    • Target

      a356d508dd945f4e7e857b29d527244794bcce59b1a2e4b57312d1695a7dae49


    • RedLine

      RedLine Stealer is an information stealer written in C# (.NET), first seen in early 2020. It harvests saved browser credentials, cookies, cryptocurrency wallets and other session data and sends them to the C2 configured in the sample.

    • RedLine payload

    • Redline family

    • Executes dropped EXE

    • Adds Run key to start application (persistence via a registry Run key; MITRE ATT&CK T1547.001)
