General

  • Target

    8798198d1fecbd6846d4bec4cf4dab03717b3ad7895a99c4bf7b4bb713e55819

  • Size

    410KB

  • Sample

    241109-zp1s8asclb

  • MD5

    6f7f9963ede9907a9f1b88a02e4f429b

  • SHA1

    92397fd1f4fe7a2dbeecba6b1cbc13384190136b

  • SHA256

    8798198d1fecbd6846d4bec4cf4dab03717b3ad7895a99c4bf7b4bb713e55819

  • SHA512

    038f3d2f4e7c1bb3f3fe042bbe7eb5184e165ebe305d8f20109fbc45c5425301fab83c23621dad2effe30395639090677a4694d7a073447112aefc8602f8704b

  • SSDEEP

    6144:xe7JNLtZXhjwNjndQBvVDFcK5ykXWxpyk11EcQx06SnBz:oJNLFwhd4VDFrykXWxpyKEcQx07B

Malware Config

Extracted

Family

redline

Botnet

170

C2

45.9.20.240:46257

Attributes
  • auth_value

    73f905977a8199ea3d396a0a7d0ae6c8

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
