General

  • Target

    abc9b4b8d21791fe32bac72f634b22bae6a93de27225c0a1b425d5a09b0b75b1

  • Size

    241KB

  • Sample

    241111-gqlftathnl

  • MD5

    9b17a19f7d2f9b82b0f0a0a2caa94fc2

  • SHA1

    2a040dc3537e04c2a38e8bbba671c281997b0b64

  • SHA256

    abc9b4b8d21791fe32bac72f634b22bae6a93de27225c0a1b425d5a09b0b75b1

  • SHA512

    a5e53a8a51df7f4573396f1becacc9beb0c8ee6f617a3d3622ebbfe7da5ddbf07adc4e829d4e49435c566e6c479c9e7d4243ece47766375e76c8bdb4942e499f

  • SSDEEP

    6144:624JiavJGltxHPO1IfWo1lhDrIgHTjOIhwO3o:Sx+f6ahlTJ3o

Malware Config

Extracted

  • Family

    redline

  • Botnet

    271@2023

  • C2

    77.73.133.62:22344

Attributes
  • auth_value

    1ee05d97bb1f23e9ac01ec6d1a5f1ffb
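The extracted config above is only useful once it is turned into indicators a detection stack can consume. The following Python script is an added example, not part of this report or of any sandbox vendor's tooling: it parses the key/value layout of the Malware Config block exactly as it appears on this page, validates the C2 as host:port (literal IPv4/IPv6 or hostname), checks that the file hashes from the General section are well-formed for their algorithm, and emits a Suricata rule plus a CSV indicator list. The Suricata sid (9000001) and rule wording are assumptions chosen for the example; the hash and config values are copied from the page.

```python
"""Turn a sandbox 'Malware Config' block into actionable IOCs.

Added example for this report; it is not the page's or any vendor's code.
The config text and hashes below are copied from the page; the Suricata
sid range (9000001+) and rule message wording are assumptions.
"""
import csv
import io
import ipaddress
import re

# Constructed from the page's "Malware Config" block (same layout: a key on
# one line, its value on the next; attribute keys are bullet-prefixed).
REPORT_CONFIG = """\
Family
redline
Botnet
271@2023
C2
77.73.133.62:22344
Attributes
  • auth_value
    1ee05d97bb1f23e9ac01ec6d1a5f1ffb
"""

# File hashes copied from the page's "General" section (the 241KB target).
SAMPLE_HASHES = {
    "md5": "9b17a19f7d2f9b82b0f0a0a2caa94fc2",
    "sha1": "2a040dc3537e04c2a38e8bbba671c281997b0b64",
    "sha256": "abc9b4b8d21791fe32bac72f634b22bae6a93de27225c0a1b425d5a09b0b75b1",
}

# Hex digest lengths per algorithm, used to reject truncated or mangled hashes.
HEX_LENGTHS = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}


def parse_config(text):
    """Parse alternating key/value lines into a dict with lowercase keys.

    The 'Attributes' line is a group header with no value of its own; the
    bullet-prefixed keys under it are flattened into the same dict.
    """
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    cfg = {}
    i = 0
    while i < len(lines):
        key = lines[i].lstrip("• ").strip()
        if key == "Attributes":
            i += 1
            continue
        if i + 1 >= len(lines):
            raise ValueError(f"key {key!r} has no value")
        cfg[key.lower()] = lines[i + 1]
        i += 2
    return cfg


def parse_c2(c2):
    """Split 'host:port' and classify the host as ipv4, ipv6 or domain."""
    host, sep, port_s = c2.rpartition(":")
    if not sep or not port_s.isdigit():
        raise ValueError(f"C2 {c2!r} lacks a numeric port")
    port = int(port_s)
    if not 0 < port < 65536:
        raise ValueError(f"port {port} out of range")
    host = host.strip("[]")  # allow bracketed IPv6 literals
    try:
        kind = f"ipv{ipaddress.ip_address(host).version}"
    except ValueError:
        # Not an IP literal: accept a plausible DNS hostname, reject anything else.
        if not re.fullmatch(r"(?=.{1,253}$)([a-z0-9-]{1,63}\.)+[a-z]{2,63}", host.lower()):
            raise ValueError(f"C2 host {host!r} is neither an IP nor a hostname")
        kind = "domain"
    return host, port, kind


def validate_hashes(hashes):
    """Return only the hashes that are lowercase hex of the right length."""
    ok = {}
    for algo, value in hashes.items():
        expected = HEX_LENGTHS.get(algo)
        if expected and re.fullmatch(r"[0-9a-f]{%d}" % expected, value):
            ok[algo] = value
    return ok


def suricata_rule(host, port, family, botnet, sid=9000001):
    """Build a Suricata rule for an outbound TCP session to the C2 (sid is assumed)."""
    return (
        f"alert tcp $HOME_NET any -> {host} {port} "
        f'(msg:"MALWARE {family} C2 connection (botnet {botnet})"; '
        f"flow:to_server; classtype:trojan-activity; sid:{sid}; rev:1;)"
    )


def iocs_to_csv(cfg, hashes):
    """Flatten the C2 and validated file hashes into indicator,type,context rows."""
    host, port, kind = parse_c2(cfg["c2"])
    rows = [(f"{host}:{port}", f"{kind}-port", f"{cfg['family']} C2")]
    for algo, value in validate_hashes(hashes).items():
        rows.append((value, algo, f"{cfg['family']} sample"))
    buf = io.StringIO()
    writer = csv.writer(buf)
    writer.writerow(["indicator", "type", "context"])
    writer.writerows(rows)
    return buf.getvalue()


if __name__ == "__main__":
    cfg = parse_config(REPORT_CONFIG)
    host, port, _ = parse_c2(cfg["c2"])
    print(suricata_rule(host, port, cfg["family"], cfg["botnet"]))
    print(iocs_to_csv(cfg, SAMPLE_HASHES))
```

The auth_value is kept in the parsed dict but deliberately not emitted as an indicator: it identifies a build, not something a sensor can observe on the wire, so it belongs in the sample's metadata rather than in a blocklist.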

Targets

    • Target

      39e90e4da4486f82c8ecd4b60671dfaf58c5ad7009aa5a0ed02823e399d1b692.exe

    • Size

      301KB

    • MD5

      09028f821999ca87b9c54d7ea5eff807

    • SHA1

      54f59bff88d0bce74932812df1e4907e3c350821

    • SHA256

      39e90e4da4486f82c8ecd4b60671dfaf58c5ad7009aa5a0ed02823e399d1b692

    • SHA512

      490ea2a1e1817ea19f73d0b10e446e8869c883b099db4c60c6c53c38f05a6996ab98cbe7ab69ce7eee0a62314374de8efa8c7e97f59a523991b4588991456aa6

    • SSDEEP

      6144:kfotY3sLL0ExMxgEhgeGPDZFGjSrR0FgeFHIdeDitP+7Lfcugjn:kfot+sX0E2hgeGnGu0DnDsP+vfc

    • RedLine

      RedLine Stealer is an information-stealing malware family written in C#, first appearing in early 2020. It is sold as malware-as-a-service, so each build carries per-customer identifiers such as the Botnet ID and auth_value shown in the extracted config above.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks