General

  • Target

    af7d35b1e1d9334ead3205b5ccbaf3a0ab8892bbe5aa08358d176a55b14dfe95

  • Size

    445KB

  • Sample

    241111-hpjq9svemq

  • MD5

    851e11e9d153dd9e81026a13e7b48e58

  • SHA1

    6de0d9374505c6526f105d439fa9f8f784935fc5

  • SHA256

    af7d35b1e1d9334ead3205b5ccbaf3a0ab8892bbe5aa08358d176a55b14dfe95

  • SHA512

    4663979d99ed7a4982f59790b3d5afb3c55e700c6833a0a83a5a84a6dcdade4a6abbcd0303e9124a40f3c7b7b25431fde27900b8d4e576bf313fad4a8a5ec221

  • SSDEEP

    12288:ELAASw3AByvqRYaSEC3XbaYcAB/9ychVN:EBd3AgyRYac31JJhV

Malware Config

Extracted

Family

redline

Botnet

ww

C2

45.9.20.168:46257

Attributes
  • auth_value

    5a1b28ccd05953f5c3f99729c12427cc

Targets

    • Target

      af7d35b1e1d9334ead3205b5ccbaf3a0ab8892bbe5aa08358d176a55b14dfe95

    • Size

      445KB

    • MD5

      851e11e9d153dd9e81026a13e7b48e58

    • SHA1

      6de0d9374505c6526f105d439fa9f8f784935fc5

    • SHA256

      af7d35b1e1d9334ead3205b5ccbaf3a0ab8892bbe5aa08358d176a55b14dfe95

    • SHA512

      4663979d99ed7a4982f59790b3d5afb3c55e700c6833a0a83a5a84a6dcdade4a6abbcd0303e9124a40f3c7b7b25431fde27900b8d4e576bf313fad4a8a5ec221

    • SSDEEP

      12288:ELAASw3AByvqRYaSEC3XbaYcAB/9ychVN:EBd3AgyRYac31JJhV

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks