General

  • Target

    79ec4bc8d1ecaf8151b4114bc853a57cf8ed3afb020db33352bf580ac9b04f11

  • Size

    445KB

  • Sample

    241111-hjzwasvgra

  • MD5

    b111d0c2cb47ab3bd88e547d9a3be348

  • SHA1

    afd9365e50f2612aada33a3d490929d975b89928

  • SHA256

    79ec4bc8d1ecaf8151b4114bc853a57cf8ed3afb020db33352bf580ac9b04f11

  • SHA512

    7dbffadfd5bc7aa7b3323b6be0459e6563afb082ea4412403bb0e490bc61b602f876c7f80d52dbc8427a36c4070878927accdf54aaecdc8883da71078d1d53e1

  • SSDEEP

    6144:Kl0lqPY5O5kTt6196AvXlyQFSWXLGIz78B/0h5chg+rQWKO:FlFO5A6eAflyQdXLGIzoB/s5chgf

Malware Config

Extracted

Family

redline

Botnet

ww

C2

45.9.20.168:46257

Attributes
  • auth_value

    5a1b28ccd05953f5c3f99729c12427cc

Targets

    • Target

      79ec4bc8d1ecaf8151b4114bc853a57cf8ed3afb020db33352bf580ac9b04f11

    • Size

      445KB

    • MD5

      b111d0c2cb47ab3bd88e547d9a3be348

    • SHA1

      afd9365e50f2612aada33a3d490929d975b89928

    • SHA256

      79ec4bc8d1ecaf8151b4114bc853a57cf8ed3afb020db33352bf580ac9b04f11

    • SHA512

      7dbffadfd5bc7aa7b3323b6be0459e6563afb082ea4412403bb0e490bc61b602f876c7f80d52dbc8427a36c4070878927accdf54aaecdc8883da71078d1d53e1

    • SSDEEP

      6144:Kl0lqPY5O5kTt6196AvXlyQFSWXLGIz78B/0h5chg+rQWKO:FlFO5A6eAflyQdXLGIzoB/s5chgf

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks