General

  • Target

    528bcc3e8b9596e2040ef8cafd455453f8a0a5c224a2e0befc0f16f2ef77a514

  • Size

    411KB

  • Sample

    241111-hm325avhmd

  • MD5

    11466489248e2b9c7433417cc3ecc58f

  • SHA1

    4849abcb9d2fdaa41509b5fc092a2aad9af1d7ed

  • SHA256

    528bcc3e8b9596e2040ef8cafd455453f8a0a5c224a2e0befc0f16f2ef77a514

  • SHA512

    c07cb2acf132a80ef661c824fdb3ef92c0711042049e38abb47c0c2874607822bc2550cf986b3832fb2124754745e0b84489ece97b867aa6670a3a0d5b2f1181

  • SSDEEP

    12288:QOHOqFFCzvGUHZ1olS7wAxlSoEYInaHqL:nFHW/4SioEYfKL

Malware Config

Extracted

Family

redline

Botnet

170

C2

45.9.20.240:46257

Attributes

  • auth_value

    73f905977a8199ea3d396a0a7d0ae6c8

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15