General

  • Target

    02b08527f08992fe1dcd6267e7f663f445997d48335370800e54c7f106e6de32

  • Size

    438KB

  • Sample

    241110-xec83askbw

  • MD5

    bd8bdafe11355ba7c47a1f305aaec974

  • SHA1

    5f6a73c4dac73540eda06f6b0dda3950f72ab6c0

  • SHA256

    02b08527f08992fe1dcd6267e7f663f445997d48335370800e54c7f106e6de32

  • SHA512

    585c012a55dacc274880961ae36cfd3ce2b9e4d88eb0bae938b1a577de86cdc9f1613d79d0c0a178926e8d75d72da18cafbad39ef37b165ce021af08cf962a5a

  • SSDEEP

    12288:NEqMZp5yIZX2efc4zNUGgxPpTRSRjAHfi5nHTkoPASPQfo/t:R6pYMf5x7GoPAJQ

Malware Config

Extracted

  • Family

    redline

  • Botnet

    1

  • C2

    45.9.20.59:46287

  • Attributes

      • auth_value

        ec6ada170bcec2e72f0e1f3954547f73

Targets


    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
