General

  • Target: 345861a8dc68b1a124a9036750c17e716a3af9dd6fc92bb654386927e8d98008
  • Size: 168KB
  • Sample: 241109-zzenqssdqm
  • MD5: 7c6d4ecdecd3b791b5e7f4d4a8cd1955
  • SHA1: e809d47d5c2c227edc86024d533dab5f947c831f
  • SHA256: 345861a8dc68b1a124a9036750c17e716a3af9dd6fc92bb654386927e8d98008
  • SHA512: 0663e2fe42ac0b889ae25dbd1ef04c794f3382e3defa0902ffa1c36a8477d37bc36c2b7ccbbfc0291b3cb8b6c70a8ecfe6e9d52745bc4152c6d17f80018f546f
  • SSDEEP: 3072:8kmfv4r8W2qTvI2t2qVwoMTOIkvl98e8hg:gfvhZ/Rfkvl9

Malware Config

Extracted

  • Family: redline
  • Botnet: mixa
  • C2: 185.161.248.75:4132
  • Attributes
    • auth_value: 9d14534b25ac495ab25b59800acf3bb2

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks