General

  • Target

    ea9e23827fe7e410dc20704cac67e653afaead93

  • Size

    314KB

  • Sample

    241109-yk3lkstmfl

  • MD5

    a27c7b3773ed4b29c72464eea11aa190

  • SHA1

    ea9e23827fe7e410dc20704cac67e653afaead93

  • SHA256

    c0db8bbaabd5f1e497fdb7048df2aa16c2bf03dabffa0d45beafc08e1ac89515

  • SHA512

    4ee3888c291f065fb117d6c0176f8cd88f5cc636cd8c968d875b5b0028f6317fc903cbe24967f334a24162e3c4a1facace775caff573902e9833c2c65b5538b9

  • SSDEEP

    6144:eUgLpjp90jrpL6sz42bqrJiZXU+lpEoZ2v3pCLT0mY0:eUg91qjrlJzCUZXU+7E3v5CLTJP

Malware Config

Extracted

Family

redline

Botnet

123

C2

78.153.144.3:2510

Attributes

  • auth_value

    cd6abb0af211bce081d7bf127cc26835

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks