General

  • Target

    7642d1576369c61f2914e75e5b9be8e4c3cabb3f165efa368039e0c1fd1c20f4

  • Size

    340KB

  • Sample

    241109-zt5b7ssdkj

  • MD5

    19944846f0946b23bef2cebe8ca55627

  • SHA1

    1d8b4de21f40c4c8b5b1716b1c6c735cb1505246

  • SHA256

    7642d1576369c61f2914e75e5b9be8e4c3cabb3f165efa368039e0c1fd1c20f4

  • SHA512

    4d0f5e733361a8dc17532adb9adb7192303c2e8018f5b9dfd414b3d18764b61ea6103bf7c9717cbb6eb2e6cca214757d5d69896c835cc6a4ebd08f216fa729b5

  • SSDEEP

    6144:4CCwPKN+K8cVoQpZIfgvLadtp9vBDZyR/dt:4CI+K8cJZMgvLafO

Malware Config

Extracted

Family

redline

Botnet

noname

C2

185.215.113.29:20819

Attributes
  • auth_value

    ee92d883673b7156fdd66cac5fc8d2d0

Targets

    • Target

      7642d1576369c61f2914e75e5b9be8e4c3cabb3f165efa368039e0c1fd1c20f4

    • Size

      340KB

    • MD5

      19944846f0946b23bef2cebe8ca55627

    • SHA1

      1d8b4de21f40c4c8b5b1716b1c6c735cb1505246

    • SHA256

      7642d1576369c61f2914e75e5b9be8e4c3cabb3f165efa368039e0c1fd1c20f4

    • SHA512

      4d0f5e733361a8dc17532adb9adb7192303c2e8018f5b9dfd414b3d18764b61ea6103bf7c9717cbb6eb2e6cca214757d5d69896c835cc6a4ebd08f216fa729b5

    • SSDEEP

      6144:4CCwPKN+K8cVoQpZIfgvLadtp9vBDZyR/dt:4CI+K8cJZMgvLafO

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks