General

  • Target

    95bcb3aebd2e78f5087b748f68aa5997c50a47d183acda5a65fcaa97bf092612

  • Size

    298KB

  • Sample

    241110-tmvarstldj

  • MD5

    37a579d54e0c21819836ab5f8930c813

  • SHA1

    7cc2bde7087c20f34d9158007143ef236cc46e7f

  • SHA256

    95bcb3aebd2e78f5087b748f68aa5997c50a47d183acda5a65fcaa97bf092612

  • SHA512

    4024ed342b2303959316f64f01bb183078b9092cf3db86c3c020c4a3925aa5b42eebec4fc6036766dd7a826ce2771aa89c8636d7f7d74a8c63070c456a110dac

  • SSDEEP

    6144:52ECIjjW+LuLIe0T1eXwp8bXk3X4G1cmL2Gp2eT:5FCIjjW6vTHcmLxAe

Malware Config

Extracted

Family

redline

Botnet

1

C2

45.9.20.59:46287

Attributes

  • auth_value

    ec6ada170bcec2e72f0e1f3954547f73
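To put the indicators above to use, here is an added example (not part of the sandbox report, and not code from the RedLine family) in Python that turns the reported hashes and the extracted C2 into a small matcher: it compares digests an EDR or another sandbox reports against the ones listed for this sample, and scans firewall-style log lines for connections to 45.9.20.59:46287. The log line format, the sample log lines and the "high"/"medium" confidence labels are assumptions made for illustration; only the hashes, the C2 IP and the port come from the report.

```python
"""IOC matcher built from the hashes and extracted RedLine config above."""
import hashlib
import re
from typing import Dict, Iterable, List, Tuple

# File hashes and C2 as reported for sample 241110-tmvarstldj.
REPORTED_HASHES = {
    "md5": "37a579d54e0c21819836ab5f8930c813",
    "sha1": "7cc2bde7087c20f34d9158007143ef236cc46e7f",
    "sha256": "95bcb3aebd2e78f5087b748f68aa5997c50a47d183acda5a65fcaa97bf092612",
    "sha512": "4024ed342b2303959316f64f01bb183078b9092cf3db86c3c020c4a3925aa5b42"
              "eebec4fc6036766dd7a826ce2771aa89c8636d7f7d74a8c63070c456a110dac",
}
C2_IP = "45.9.20.59"
C2_PORT = 46287


def digest_file(data: bytes) -> Dict[str, str]:
    """Compute the same four digests the report lists, for comparison."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in REPORTED_HASHES}


def matching_hashes(observed: Dict[str, str]) -> List[str]:
    """Return the algorithms whose observed digest equals the reported one.

    Keys and values are normalised to lowercase because tools disagree on
    "SHA256" vs "sha256" and on hex casing. Any single match identifies
    the sample; a mismatch on one algorithm alongside a match on another
    points to a transcription error rather than a different file.
    """
    norm = {k.lower(): v.lower() for k, v in observed.items()}
    return [alg for alg, reported in REPORTED_HASHES.items()
            if norm.get(alg) == reported]


# Assumed (constructed) log format:
#   "<ts> src=<ip>:<port> dst=<ip>:<port> proto=<p> action=<a>"
LOG_RE = re.compile(
    r"^(?P<ts>\S+)\s+src=(?P<sip>[\d.]+):(?P<sport>\d+)\s+"
    r"dst=(?P<dip>[\d.]+):(?P<dport>\d+)\s+proto=(?P<proto>\w+)\s+action=(?P<action>\w+)$"
)


def find_c2_traffic(lines: Iterable[str]) -> List[Tuple[str, str, str]]:
    """Scan log lines for traffic to the extracted C2.

    Returns (timestamp, source ip, confidence). An exact ip:port match is
    labelled "high"; the C2 IP on another port is labelled "medium",
    an assumed weaker indicator because the report only confirms this
    one ip:port pair. Lines that do not parse are skipped, not raised.
    """
    hits = []
    for line in lines:
        m = LOG_RE.match(line.strip())
        if not m or m["dip"] != C2_IP:
            continue
        confidence = "high" if int(m["dport"]) == C2_PORT else "medium"
        hits.append((m["ts"], m["sip"], confidence))
    return hits


# Constructed sample logs, not from the report: one exact C2 hit, one
# same-host different-port hit, one benign connection, one malformed line.
SAMPLE_LOGS = [
    "2024-11-10T10:14:03Z src=10.0.0.15:51234 dst=45.9.20.59:46287 proto=tcp action=allow",
    "2024-11-10T10:14:09Z src=10.0.0.15:51240 dst=93.184.216.34:443 proto=tcp action=allow",
    "2024-11-10T10:21:47Z src=10.0.0.22:49812 dst=45.9.20.59:8080 proto=tcp action=deny",
    "garbage line left over from log rotation",
]

if __name__ == "__main__":
    for hit in find_c2_traffic(SAMPLE_LOGS):
        print("C2 contact:", hit)
    # An EDR alert carrying only an upper-case SHA256 still matches.
    print("hash match on:", matching_hashes(
        {"SHA256": REPORTED_HASHES["sha256"].upper()}))
```

Feed `find_c2_traffic` the real export from your firewall or NetFlow collector once the regex is adapted to its format; the "medium" hits deserve a look because a stealer beaconing to the same host on a new port is still the same host. Point `digest_file` at the bytes of a suspicious file and pass the result to `matching_hashes` to confirm it is this sample and not merely a lookalike.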

Targets

    • Target

      95bcb3aebd2e78f5087b748f68aa5997c50a47d183acda5a65fcaa97bf092612

    • Size

      298KB

    • MD5

      37a579d54e0c21819836ab5f8930c813

    • SHA1

      7cc2bde7087c20f34d9158007143ef236cc46e7f

    • SHA256

      95bcb3aebd2e78f5087b748f68aa5997c50a47d183acda5a65fcaa97bf092612

    • SHA512

      4024ed342b2303959316f64f01bb183078b9092cf3db86c3c020c4a3925aa5b42eebec4fc6036766dd7a826ce2771aa89c8636d7f7d74a8c63070c456a110dac

    • SSDEEP

      6144:52ECIjjW+LuLIe0T1eXwp8bXk3X4G1cmL2Gp2eT:5FCIjjW6vTHcmLxAe

    • RedLine

      RedLine Stealer is an information-stealing malware family written in C#, first seen in early 2020. It harvests browser credentials, cookies and cryptocurrency wallet data from the infected host and sends them to the C2 listed in the extracted config.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks