General

  • Target

    38d4265ed6f52d86c6a9c39a6a04b117

  • Size

    321KB

  • Sample

    241111-hrqycsveqn

  • MD5

    38d4265ed6f52d86c6a9c39a6a04b117

  • SHA1

    2a595f19d21ac7399255d9992e52e223d054acae

  • SHA256

    02f292d928868b0327a09e05784e62b287138835d14f351c41719822372be6fe

  • SHA512

    01ea46c6139dc2e52c72a1d62d954567012b936c662f129c810b27aad58623da476449e408072131be2c62cc37dd53b705354e8b61d1d899303d7f9b40779e4d

  • SSDEEP

    6144:eUgLpjp90jrpL6sz42bqrJiZXU+lpEoZ2v3pCLT0mY0:eUg91qjrlJzCUZXU+7E3v5CLTJP

Malware Config

Extracted

Family

redline

Botnet

123

C2

78.153.144.3:2510

Attributes
  • auth_value

    cd6abb0af211bce081d7bf127cc26835

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
