General

  • Target

    b4e70a58eaac0ebcdc02474c3c94e9eab5699c6e93bd46240dbd2786c071ddd1

  • Size

    372KB

  • Sample

    241110-bg4m5swenb

  • MD5

    bfbba0b144b6de5d112d3839cb86c624

  • SHA1

    0445fec45aedda8a90beba2ecf2511f3bd255534

  • SHA256

    b4e70a58eaac0ebcdc02474c3c94e9eab5699c6e93bd46240dbd2786c071ddd1

  • SHA512

    92a277b59e6e9fb4f46058a43cf3c619966e571e6fa862b6d692b930059355cf62396d8f0b9794a68146cf5bd1d1108f6fcee0af5b23194873227b8a1680236a

  • SSDEEP

    6144:TEgBsmV8x0G9YfYxVvS1wvjNiaaLSjnA:TEg0BxYCEaa

Malware Config

Extracted

  • Family

    redline

  • Botnet

    ww

  • C2

    193.106.191.67:44400

  • Attributes

    auth_value: 5a1b28ccd05953f5c3f99729c12427cc

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks