General

  • Target

    344eb614ee4ea76df6b9d0d2ddf09c6450a0c9b6

  • Size

    299KB

  • Sample

    241110-bl69tswfla

  • MD5

    d4a61fb56cb093ed2da218be0fb393ab

  • SHA1

    344eb614ee4ea76df6b9d0d2ddf09c6450a0c9b6

  • SHA256

    b64b644dca760e6a8d16e15bd8e68df98024687999bef72812b0da7cad640b57

  • SHA512

    cc412e795f9ffb54014962374531adae0365a6a557464edf799269879ba4436668e84fc58ef45248de620928d5e83ae31b642f9e4f50e05bb8366a091a35b5ce

  • SSDEEP

    6144:/b+3sP6gpmmoaHuttVfWnFoOHQnHBZJrYEZFZjLhEER2yub+peLtkO9NRcKTTsvo:/bks7yH4FYnHBZJrYE/ZBtR2+OH+K3sA

Malware Config

Extracted

Family

redline

Botnet

mix17.02

C2

185.215.113.70:21508

Attributes
  • auth_value

    aa2603d1f612c5aea0a9585944dfaf3a
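Two things a practitioner does with a report like this before acting on it: confirm the sample on disk is the one the report describes (the listed MD5/SHA1/SHA256/SHA512), and turn the extracted C2 into a hunt over connection logs. The script below is an added example, not part of the original report or of any sandbox vendor's tooling. The hash and C2 values are copied from the report above; the Zeek-style conn.log lines are constructed for illustration. SSDEEP is left out because it needs the third-party ssdeep module, and the auth_value is not matched because it only appears inside the RedLine traffic itself, not in flow metadata.

```python
"""Verify a sample against the report hashes, then hunt the extracted C2
in connection logs. Added example; values copied from the report above,
log lines constructed."""
import hashlib
import ipaddress
import re

# Copied from the report's General section (the submitted file).
REPORT_HASHES = {
    "md5": "d4a61fb56cb093ed2da218be0fb393ab",
    "sha1": "344eb614ee4ea76df6b9d0d2ddf09c6450a0c9b6",
    "sha256": "b64b644dca760e6a8d16e15bd8e68df98024687999bef72812b0da7cad640b57",
    "sha512": "cc412e795f9ffb54014962374531adae0365a6a557464edf799269879ba4436668e84fc58ef45248de620928d5e83ae31b642f9e4f50e05bb8366a091a35b5ce",
}
# Copied from the report's extracted RedLine config.
REPORT_C2 = "185.215.113.70:21508"


def compute_hashes(data: bytes) -> dict:
    """Lowercase hex digests for the four algorithms the report lists."""
    return {name: hashlib.new(name, data).hexdigest()
            for name in ("md5", "sha1", "sha256", "sha512")}


def verify_sample(data: bytes, expected: dict) -> dict:
    """{algo: (matches, computed)}. A wrong or truncated file fails every
    algorithm; a typo in the report fails exactly one, which is the tell."""
    got = compute_hashes(data)
    return {algo: (got[algo] == exp.lower(), got[algo])
            for algo, exp in expected.items()}


def parse_c2(c2: str) -> tuple:
    """Split 'ip:port' and validate both; raises ValueError so a malformed
    IOC cannot silently match nothing."""
    host, _, port = c2.rpartition(":")
    ip = ipaddress.ip_address(host)          # raises on a bad address
    port_num = int(port)                     # raises on non-numeric port
    if not 0 < port_num < 65536:
        raise ValueError(f"port out of range: {port}")
    return str(ip), port_num


def is_valid_c2(c2: str) -> bool:
    try:
        parse_c2(c2)
        return True
    except ValueError:
        return False


# Zeek conn.log field order: ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto
CONN_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<uid>\S+)\s+(?P<src>\S+)\s+(?P<sport>\d+)\s+"
    r"(?P<dst>\S+)\s+(?P<dport>\d+)\s+(?P<proto>\S+)"
)


def find_c2_hits(log_lines, c2: str, strict: bool = True) -> list:
    """(src, 'dst:port') for each line whose responder is the C2.
    strict=True requires IP and port (high confidence); strict=False is an
    IP-only sweep, useful when the operator may have moved ports but noisy
    if the host also serves unrelated traffic. Unparseable lines are skipped."""
    ip, port = parse_c2(c2)
    hits = []
    for line in log_lines:
        m = CONN_RE.match(line)
        if not m or m["dst"] != ip:
            continue
        if strict and int(m["dport"]) != port:
            continue
        hits.append((m["src"], f'{m["dst"]}:{m["dport"]}'))
    return hits


# Constructed sample log: two real beacons, one same-host/other-port line,
# one unrelated flow, one malformed line.
SAMPLE_CONN_LOG = [
    "1731236400.101 CfgH3k1 10.0.0.5 49811 185.215.113.70 21508 tcp",
    "1731236401.550 CfgH3k2 10.0.0.5 49812 142.250.74.46 443 tcp",
    "1731236402.002 CfgH3k3 10.0.0.9 51020 185.215.113.70 80 tcp",
    "1731236403.777 CfgH3k4 10.0.0.12 60500 185.215.113.70 21508 tcp",
    "# malformed line that must be skipped, not crash the hunt",
]

if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:                    # python ioc_check.py <sample>
        with open(sys.argv[1], "rb") as fh:
            for algo, (ok, got) in verify_sample(fh.read(), REPORT_HASHES).items():
                print(f"{algo:6} {'OK ' if ok else 'BAD'} {got}")
    for src, dst in find_c2_hits(SAMPLE_CONN_LOG, REPORT_C2):
        print(f"C2 contact: {src} -> {dst}")
```

Run it with the sample path as the only argument to get a per-algorithm OK/BAD line, then triage any `C2 contact` hits. Treat the IP:port as a point-in-time indicator for this sample: RedLine operators rotate infrastructure, so a clean sweep is not proof of absence, and a hit on the IP alone (strict=False) should be confirmed before it is escalated.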

Targets

    • Target

      4ac36ef3ea57b947d23b568d74c11b5dc08d81913c97226c08732a8b5b2126a1

    • Size

      455KB

    • MD5

      dfcfbe3429762739bd4dbe212fbaca3e

    • SHA1

      db0638142ee7b601d1337167202b1c162c869806

    • SHA256

      4ac36ef3ea57b947d23b568d74c11b5dc08d81913c97226c08732a8b5b2126a1

    • SHA512

      e9e043c70c673aa39722cf1acb1ee8cbf56c144efb53e9c155cd69733c944c645a07ae0a30b344cd5a463af58f805fbb782a821ec22fd97e5c66e26833f8e26e

    • SSDEEP

      12288:heDjC5Uc9N5HGvLlAfFYnHBZZrYE/Z/tR2cNu6a7t:UaN5HsmtiZZ0M/L241a7

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15