General

  • Target

    17635c87dc18bac7860ca1ef4c32c138aef9d90b

  • Size

    314KB

  • Sample

    241109-zppqyssclj

  • MD5

    60492e6b873fb0e6f9c17d96b2101d88

  • SHA1

    17635c87dc18bac7860ca1ef4c32c138aef9d90b

  • SHA256

    12d1d240d3bffacbe13b5c91b75863e625d0516e459742dffad338761951560e

  • SHA512

    c998f0a97d29c725dfce6549830adef4daa70721f1ae02a26ccd274338eb6f3571318948b65ad19e030ca6a95ae28f88e5ff0c24d0235e766c2c8ca637387506

  • SSDEEP

    6144:eUgLpjp90jrpL6sz42bqrJiZXU+lpEoZ2v3pCLT0mY0:eUg91qjrlJzCUZXU+7E3v5CLTJP

Malware Config

Extracted

Family

redline

Botnet

123

C2

78.153.144.3:2510

Attributes
  • auth_value

    cd6abb0af211bce081d7bf127cc26835

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks