General

  • Target

    a90aa6e1f156ed749bb5a602695302d2e9d184356591a4666deef22f9a3b3e3b

  • Size

    407KB

  • Sample

    241110-bsat7swerl

  • MD5

    1c854f8b64fcb6c69357d77bf1c1fe1e

  • SHA1

    9e9242601dda85e49a1e5df666fc3f1b979f324a

  • SHA256

    a90aa6e1f156ed749bb5a602695302d2e9d184356591a4666deef22f9a3b3e3b

  • SHA512

    45d1cb6618fc066aecfa459f30946ec854cfedeb6e4806b30d867f7621d99b86ef5e79680252d4ca888d28565a87f36e47a049d84306e373bed6078242f53d4b

  • SSDEEP

    12288:DVin8X/43iC7ZoAcrmLqQBbZeLpIEaASEhe:/43iC7u10ZvEa+e

Malware Config

Extracted

Family

redline

Botnet

ww

C2

193.106.191.67:44400

Attributes

  • auth_value

    5a1b28ccd05953f5c3f99729c12427cc

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks