General

  • Target: 378e8b386ebc580a5dfd1b2e901304921aa63fa16181e03da553b39566325f4e
  • Size: 277KB
  • Sample: 241110-bmabgsvqhx
  • MD5: 3c5734f5c82a36f523a2766f09e6b009
  • SHA1: f85d80f91db09ab3bae1998b7a0ecae1e18eeff7
  • SHA256: 378e8b386ebc580a5dfd1b2e901304921aa63fa16181e03da553b39566325f4e
  • SHA512: a6b3059a162a5ec86c8b4c23dff417f2ec47d0cb817b5930b650451eb03b9577bf04558b73597403b436504d6050a40d91f7b2a822c0415f8c50eaac02b54138
  • SSDEEP: 6144:G+eDfpFuMfe3iqdKnWIKM85ZFN8vOlpu8Ir1P3B9lduJ:zeDfeMfVnWIvGVBzuHrB3B/d0

Malware Config

Extracted

  • Family: redline
  • Botnet: quarilymmitn.xyz
  • C2: 80.66.87.50:49099

Attributes

  • auth_value: f88427f0e1cb5da041f5d6d2c6bc3670

Targets

    • Target: 6c3e4da4d2570cae2d958926f84d9bf0577737f3bf403d8e1207b8154cac0dcb.exe
    • Size: 352KB
    • MD5: 32e370cca53b2396ed2654d02389e7fa
    • SHA1: 8dd9fbf745a793e4047f6ed18e7ebc72914a6293
    • SHA256: 6c3e4da4d2570cae2d958926f84d9bf0577737f3bf403d8e1207b8154cac0dcb
    • SHA512: 5c79af92dc0541217923a4c70f41acf3d0ddd61f9e2974a834b5907850e1c531367a9863863c2282713c31a204a45cbc7c22e79fbc5f2c0ae19da9562c518f43
    • SSDEEP: 6144:b++bgDdzBKW2MwctvWW6j7rbX+RJDHN08WwHai14j9UM6wxd9SDkGX:bT2BZ7wGvWPj7GPDtnHaCmpz+
    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload
    • Redline family

MITRE ATT&CK Enterprise v15

Tasks