General

  • Target: 4df885ee917946f769d6726580ae7eeaae846c9e0c30c4b0de4d71225fdd52e2
  • Size: 289KB
  • Sample: 241111-hrtz1symbj
  • MD5: c83a30503dfe502272a19ba6c3b71bfc
  • SHA1: 2f5c9bde38f2b274baad30cd76161f2cc9d3e4e9
  • SHA256: 4df885ee917946f769d6726580ae7eeaae846c9e0c30c4b0de4d71225fdd52e2
  • SHA512: 72e917065342744f2b6393ddd2da723f40016b976ebee9160a16d2f5949350803a62ec0ed63e243af3c123419e0ae5c56ff7a0c2e9ec7258f336897b8df69d91
  • SSDEEP: 6144:SHXak2Nsa2+XivyBvHWFTrPVVsvvXR5Qp9qetUbOXijbKD8E:S3p2Ns+SvyB2FTsvZ5QpketBUZE

Malware Config

Extracted

  • Family: redline
  • Botnet: @chicago
  • C2: 185.11.61.125:22344
  • Attributes
    • auth_value: 21f863e0cbd09d0681058e068d0d1d7f

Targets

  • Target: 4df885ee917946f769d6726580ae7eeaae846c9e0c30c4b0de4d71225fdd52e2
  • Size: 289KB
  • MD5: c83a30503dfe502272a19ba6c3b71bfc
  • SHA1: 2f5c9bde38f2b274baad30cd76161f2cc9d3e4e9
  • SHA256: 4df885ee917946f769d6726580ae7eeaae846c9e0c30c4b0de4d71225fdd52e2
  • SHA512: 72e917065342744f2b6393ddd2da723f40016b976ebee9160a16d2f5949350803a62ec0ed63e243af3c123419e0ae5c56ff7a0c2e9ec7258f336897b8df69d91
  • SSDEEP: 6144:SHXak2Nsa2+XivyBvHWFTrPVVsvvXR5Qp9qetUbOXijbKD8E:S3p2Ns+SvyB2FTsvZ5QpketBUZE
  • RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  • RedLine payload
  • Redline family

MITRE ATT&CK Enterprise v15

Tasks