General

  • Target

    73c6e9a0a78b974c66288fda01580bd4ffc5f08dcf18bb6c0e77598f10182ce1

  • Size

    51KB

  • Sample

    241109-yl5sbsznfw

  • MD5

    08dc3ddd3ca414eda89cf526d8304770

  • SHA1

    547e5464d156671399ebd6cf1bc6dc2b1f6b6d17

  • SHA256

    73c6e9a0a78b974c66288fda01580bd4ffc5f08dcf18bb6c0e77598f10182ce1

  • SHA512

    07134a873aa983f26798fd15e03dfb05e305a92ec3c3f7656f14f6786ece9cc87a0102b246d2a04bf0ecd11deac8d9579afed9310582c45b8b7dc4660ccaa2c7

  • SSDEEP

    1536:VouPTlWk9khAqTlF+wBqIKnRF/crbTIx6:V3PJWkq5JF+wIL0rbG6

Malware Config

Extracted

Family

redline

Botnet

nado

C2

176.113.115.145:4125

Attributes

  • auth_value

    a648e365d8e0df895a84152ad68ffc56

Targets

    • Target

      82813fc02973d1ffcb8d7f89f6d0e457db66cdbac8dd3d1a4b86fd6da96ca97a

    • Size

      175KB

    • MD5

      ec18ac2f22fa9f9dda1a629e490a70ae

    • SHA1

      7811c81c29419878187e08379796a2627b6cccdc

    • SHA256

      82813fc02973d1ffcb8d7f89f6d0e457db66cdbac8dd3d1a4b86fd6da96ca97a

    • SHA512

      8f5a37c8339b685c00f6d85d197e057ec1d68df954d89da5d0ccc99d8184efd10b7f199b33b0fef1100550040fa85287727eca9a4cbe67bb84f984e0a6782fed

    • SSDEEP

      3072:yxqZWFFa7E6T825De559yhGfxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOuw+cO:gqZcMUyh

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks