General

  • Target

    71e3554ee44f11402fb2e0971e020385f611f65e655c0db854ed7caf66dbc4ef

  • Size

    445KB

  • Sample

    241111-ggqn6sxnem

  • MD5

    4251977f22b287f19ba0c2e37c4b79f4

  • SHA1

    480ba30f9ba3ec8b37d3e05a26766552f8f15fd6

  • SHA256

    71e3554ee44f11402fb2e0971e020385f611f65e655c0db854ed7caf66dbc4ef

  • SHA512

    94f91e618f7bf0a8e8c98d66337894449bab2be4e759b8e5a823bdd0a65d407872f1d7d815bf568bed7c50190bd556ef5697f6a2a8c1a6db509d329812ca521f

  • SSDEEP

    6144:Kl0lqPY5O5kTt6196AvXlyQFSWXLGIz78B/0h5chg+rQWKO:FlFO5A6eAflyQdXLGIzoB/s5chgf

Malware Config

Extracted

  • Family

    redline

  • Botnet

    ww

  • C2

    45.9.20.168:46257

  • Attributes

    • auth_value

      5a1b28ccd05953f5c3f99729c12427cc

Targets

    • Target

      71e3554ee44f11402fb2e0971e020385f611f65e655c0db854ed7caf66dbc4ef

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
