General

  • Target

    a44e289036bf3bd94066595a865dec53e3313410eb59879b953ed1d984a29f22

  • Size

    176KB

  • Sample

    241110-bm5sdsyqdm

  • MD5

    a8aef421aad95ba54eed120e76a112ef

  • SHA1

    a2aa84393b609dbd5e57e1427dadcfc6640ab1b0

  • SHA256

    a44e289036bf3bd94066595a865dec53e3313410eb59879b953ed1d984a29f22

  • SHA512

    9a29043f6d463f7d70b8711e1dfa976b3b155d825f1d52198e6c99b49217ece435278183f6b03ae5fabb349c669c610fb8bff3f50449bf65c1b99119d3950cfa

  • SSDEEP

    3072:pxqZWzvagwoMR3I58ZlHeR5FthXfxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOb:bqZVY8qth

Malware Config

Extracted

Family

redline

Botnet

spora

C2

176.113.115.145:4125

Attributes
  • auth_value

    441b39ab37774b2ca9931c31e1bc6071

Targets

    • Target

      a44e289036bf3bd94066595a865dec53e3313410eb59879b953ed1d984a29f22

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
