General

  • Target

    19fbe7b9f6e9c89dbba303c1987d67388b095daa05a11e16c67be6e4491bdc9e

  • Size

    51KB

  • Sample

    241109-z12jwsselj

  • MD5

    e35afc2fd780d2a8bbea1196b5bcdd75

  • SHA1

    19db8fac0f1fe0c389f055ba122f9b083e9c3ed0

  • SHA256

    19fbe7b9f6e9c89dbba303c1987d67388b095daa05a11e16c67be6e4491bdc9e

  • SHA512

    a3336d3a8e0239267f22f80d24036d8d4c6b648dfa2661b8545af09c18856ef059703ecdc005c0b79fc69eaec2a6d9dbc7a1baf587b52016d77ae9d17932fb90

  • SSDEEP

    1536:0TU2C1KW+X1pX20w6Q7mwOxaurbncg+AUK+EIXt7mKI:0Ar1R+l85U4urb3+QIXBmR

Malware Config

Extracted

Family

redline

Botnet

renta

C2

176.113.115.145:4125

Attributes
  • auth_value

    359596fd5b36e9925ade4d9a1846bafb

Targets

    • Target

      9c76191115359b42218abcaf133f0f09d088e2f90ef1d60712f9c98688323d70

    • Size

      175KB

    • MD5

      6855a7a80c0c0aa0de957cdce77cb1cb

    • SHA1

      3d29f6c44fb60bcd7b455d2f8634bc46152999f9

    • SHA256

      9c76191115359b42218abcaf133f0f09d088e2f90ef1d60712f9c98688323d70

    • SHA512

      37af2b06b4fd9adfc45d0f454a2afbcbd17155a832fdc531a14679805656d4cb8563c38c4d3d92300a8d82f14a075cc00534527d11ea6e7ba99e2ee46468008d

    • SSDEEP

      3072:jxqZWRZaPkOQ3TjmTseesFqh+XxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOuwh:1qZoTjalqh

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
