General

  • Target

    2108dca0c513798d4f6275660617227d85c3ec9448b24955243566c38f24cd14

  • Size

    307KB

  • Sample

    241109-ydjj5a1blq

  • MD5

    8afb58ca1d3ffa9ea8dbb35676a96d79

  • SHA1

    ccae11fd4230d26bb038d98ecbfbee8f85c4fe7b

  • SHA256

    2108dca0c513798d4f6275660617227d85c3ec9448b24955243566c38f24cd14

  • SHA512

    b439e28d6923d10397513bd6a86783e486a3adf0930e379449dd47f7402132ef748f25a9ebdbb564f4d3061dadd136ca9ad39c8a51c1ecabd686318824a8b31b

  • SSDEEP

    6144:51Liyv2hDLd3aANVKZxYINEHzeSO1Hy7a:LWyIBaNrNu/O1H

Malware Config

Extracted

Family

redline

Botnet

ww

C2

45.9.20.168:46257

Attributes
  • auth_value

    5a1b28ccd05953f5c3f99729c12427cc

Targets

    • Target

      2108dca0c513798d4f6275660617227d85c3ec9448b24955243566c38f24cd14

    • Size

      307KB

    • MD5

      8afb58ca1d3ffa9ea8dbb35676a96d79

    • SHA1

      ccae11fd4230d26bb038d98ecbfbee8f85c4fe7b

    • SHA256

      2108dca0c513798d4f6275660617227d85c3ec9448b24955243566c38f24cd14

    • SHA512

      b439e28d6923d10397513bd6a86783e486a3adf0930e379449dd47f7402132ef748f25a9ebdbb564f4d3061dadd136ca9ad39c8a51c1ecabd686318824a8b31b

    • SSDEEP

      6144:51Liyv2hDLd3aANVKZxYINEHzeSO1Hy7a:LWyIBaNrNu/O1H

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks