General

  • Target

    db35d6bc8b2ea03b343b5010362989d87c13120bdc9cdcf2facd9158412c5ffd

  • Size

    306KB

  • Sample

    241109-yeeybs1bna

  • MD5

    cc1fee309b902fadb854bc6e78404f60

  • SHA1

    31ca60fd2bc08215d39de87643137b81e0154416

  • SHA256

    db35d6bc8b2ea03b343b5010362989d87c13120bdc9cdcf2facd9158412c5ffd

  • SHA512

    968a72a0e3c7e46d5a89eef2a1e28fa9671b9f642f74b4bbd0c915c07c2e66d74c54c2f57b4c4c0ffac3667a3221ab18e46ccefe2ff0d00b5c1d32b98ceec510

  • SSDEEP

    6144:eUgLpjp90jrpL6sz42bqrJiZXU+lpEoZ2v3pCLT0mY0:eUg91qjrlJzCUZXU+7E3v5CLTJP

Malware Config

Extracted

Family

redline

Botnet

123

C2

78.153.144.3:2510

Attributes
  • auth_value

    cd6abb0af211bce081d7bf127cc26835
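
The extracted config above (C2 78.153.144.3:2510, botnet 123, auth_value) and the file hashes in the General section are the indicators a responder would actually act on. As an added example, not the sandbox's own code, the following Python turns them into two checks: a scan of Zeek conn.log lines for connections to the C2 endpoint, and a hash comparison for a file suspected to be this sample. The log lines are constructed, the Zeek column order (ts, uid, id.orig_h, id.orig_p, id.resp_h, id.resp_p, proto) is assumed, and no network access is needed.

```python
"""IOC checks built from the RedLine report fields (added example, not sandbox output)."""
import hashlib
from dataclasses import dataclass
from typing import List, Optional, Set, Tuple

# Indicators copied from the report page.
C2_HOST = "78.153.144.3"
C2_PORT = 2510
FAMILY = "redline"
BOTNET_ID = "123"
AUTH_VALUE = "cd6abb0af211bce081d7bf127cc26835"
SAMPLE_HASHES = {
    "md5": "cc1fee309b902fadb854bc6e78404f60",
    "sha1": "31ca60fd2bc08215d39de87643137b81e0154416",
    "sha256": "db35d6bc8b2ea03b343b5010362989d87c13120bdc9cdcf2facd9158412c5ffd",
}

# Constructed Zeek conn.log excerpt (assumed column layout; values are made up).
SAMPLE_CONN_LOG = [
    "#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto",
    "1731153600.1\tCabc1\t10.0.0.15\t49812\t78.153.144.3\t2510\ttcp",
    "1731153601.2\tCabc2\t10.0.0.15\t49813\t142.250.74.110\t443\ttcp",
    "1731153602.3\tCabc3\t10.0.0.22\t53001\t78.153.144.3\t53\tudp",
]


@dataclass
class ConnRecord:
    ts: str
    src: str
    src_port: int
    dst: str
    dst_port: int
    proto: str


def parse_conn_line(line: str) -> Optional[ConnRecord]:
    """Parse one tab-separated conn.log line; header/comment lines return None."""
    if line.startswith("#"):
        return None
    fields = line.rstrip("\n").split("\t")
    if len(fields) < 7:
        return None
    return ConnRecord(fields[0], fields[2], int(fields[3]),
                      fields[4], int(fields[5]), fields[6])


def is_c2_connection(rec: ConnRecord) -> bool:
    """Exact match on the extracted C2 endpoint: TCP to 78.153.144.3:2510."""
    return rec.proto == "tcp" and rec.dst == C2_HOST and rec.dst_port == C2_PORT


def find_c2_hits(lines: List[str]) -> List[Tuple[str, str, str]]:
    """Return (timestamp, source host, C2 endpoint) for every line hitting the C2."""
    hits = []
    for line in lines:
        rec = parse_conn_line(line)
        if rec is not None and is_c2_connection(rec):
            hits.append((rec.ts, rec.src, f"{rec.dst}:{rec.dst_port}"))
    return hits


def hash_matches(data: bytes) -> Set[str]:
    """Return the names of the report's hashes that a file's bytes match (empty set = not this sample)."""
    computed = {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }
    return {name for name, digest in computed.items() if SAMPLE_HASHES[name] == digest}


if __name__ == "__main__":
    for ts, src, endpoint in find_c2_hits(SAMPLE_CONN_LOG):
        print(f"{ts} {src} -> {endpoint} matches {FAMILY} botnet {BOTNET_ID} C2")
    print("hash match:", hash_matches(b"constructed bytes, not the sample"))
```

The exact host:port match is deliberately strict: the UDP/53 line to the same address is left out so that a DNS-looking flow to the same host is surfaced separately rather than labelled as stealer C2. RedLine operators rotate C2 endpoints, so treat the IP:port as a point-in-time indicator tied to this sample (sample ID 241109-yeeybs1bna) and keep the hash set alongside it for host-side confirmation.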

Targets

    • Target

      db35d6bc8b2ea03b343b5010362989d87c13120bdc9cdcf2facd9158412c5ffd

    • Size

      306KB

    • MD5

      cc1fee309b902fadb854bc6e78404f60

    • SHA1

      31ca60fd2bc08215d39de87643137b81e0154416

    • SHA256

      db35d6bc8b2ea03b343b5010362989d87c13120bdc9cdcf2facd9158412c5ffd

    • SHA512

      968a72a0e3c7e46d5a89eef2a1e28fa9671b9f642f74b4bbd0c915c07c2e66d74c54c2f57b4c4c0ffac3667a3221ab18e46ccefe2ff0d00b5c1d32b98ceec510

    • SSDEEP

      6144:eUgLpjp90jrpL6sz42bqrJiZXU+lpEoZ2v3pCLT0mY0:eUg91qjrlJzCUZXU+7E3v5CLTJP

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks