General

  • Target

    ce692f9a002c6bac4154d625d6c6fc1e09dc4140505726990505e7bb70e71236

  • Size

    208KB

  • Sample

    241109-zvhjtssdkb

  • MD5

    f3a57cc5820cb79b2a438c490db037d8

  • SHA1

    984504ffe6a6d920dcd9f678110e2efe3d0e75ad

  • SHA256

    ce692f9a002c6bac4154d625d6c6fc1e09dc4140505726990505e7bb70e71236

  • SHA512

    6a9d1cf8377b249c509cdfdd65677462438c0145d424ed68e85ccc91fa32d8a8510f780ff4c380e15c54a49c1a7d1d7a32650e50af1a86f347fb46e23d8c0203

  • SSDEEP

    3072:5J5Vw/aUjB5AFewK3DP5H+BQKYR2UIrZ2hiiDSL+tO:5JA/Mww2HiQKf2h8y

Malware Config

Extracted

  • Family

    redline

  • Botnet

    covid

  • C2

    45.147.231.243:15217

  • Attributes

      • auth_value

        b428f47d99a6aea97d565975b70e70fd

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks