General

  • Target

    ce4bdbfcf7d20113816a347c529e6c7c4cac19834adb85da07b0d9724bc05501

  • Size

    318KB

  • Sample

    241110-bfj74swdjr

  • MD5

    862713336e4da9ce9cc5a1c337ddd93b

  • SHA1

    7ec45dcda535c801dd811a726c8028da88100fe6

  • SHA256

    ce4bdbfcf7d20113816a347c529e6c7c4cac19834adb85da07b0d9724bc05501

  • SHA512

    ffb1501ca175b8d0b779bfab52d97110ceea3227638dacc1933c7d0c84b38e1f0caacfd08127c75300c2a14b245e16d45f7c9b529f87587403d1da9f236c09fc

  • SSDEEP

    6144:gFL5YeNTft07bw4qt5xbRVoquGvEFMFXLX/A6n:01YeNTQbw445xbRiGvE6FbX/j

Malware Config

Extracted

Family

redline

Botnet

ww

C2

45.9.20.168:46257

Attributes
  • auth_value

    5a1b28ccd05953f5c3f99729c12427cc

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
