General

  • Target

    8b7dc7d424d52b25e2c26c81fd29b499

  • Size

    326KB

  • Sample

    241109-z22w2svpcm

  • MD5

    8b7dc7d424d52b25e2c26c81fd29b499

  • SHA1

    8a11cabbfc0e176bf0202736ea36cecce666ae33

  • SHA256

    eaaaa865e9fa399c1081437df1a49391edefdbbae7eae1a75757067a579517eb

  • SHA512

    5f2e8323b4a6f9885a7a1e216537b67e40fa4e2bcb4c0ecc89aaae7c6995ac6599a23a9df5c3e46128bae5e560e0b3b869317046f21a80ca3e5ce5a9cc7e717e

  • SSDEEP

    6144:4kQuOSvy0tyg9E4rCRf9DX6E0ZYYIvNyEm8N:49uOSvy+RC+EOxIvgEm

Malware Config

Extracted

  • Family

    redline

  • Botnet

    TripleSBanks

  • C2

    185.143.223.90:10024

  • Attributes

    • auth_value

      064872fe393e6f3a6d60eca59269d528

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks