General

  • Target

    37856156e82f789bda94a0c09e8db9d78d22f018d315224c579aadfe28e5b1d9

  • Size

    320KB

  • Sample

    241111-hsfh1swaka

  • MD5

    562afd9e1b86b72be4b62cfd65dc35a4

  • SHA1

    f0bfda04e80abbcfea46b4e6c9d7b5a5d0a3182e

  • SHA256

    37856156e82f789bda94a0c09e8db9d78d22f018d315224c579aadfe28e5b1d9

  • SHA512

    7a2f41040635598aea812438ec6550fa304dc64ae277d91449f74ea0118d9fe81584c7328d12c5d66a26ea11a1e6d7eaf70a542e777610e7e660852b4d2a6f57

  • SSDEEP

    6144:eUgLpjp90jrpL6sz42bqrJiZXU+lpEoZ2v3pCLT0mY0:eUg91qjrlJzCUZXU+7E3v5CLTJP

Malware Config

Extracted

Family

redline

Botnet

123

C2

78.153.144.3:2510

Attributes
  • auth_value

    cd6abb0af211bce081d7bf127cc26835

Targets

    • Target

      37856156e82f789bda94a0c09e8db9d78d22f018d315224c579aadfe28e5b1d9

    • Size

      320KB

    • MD5

      562afd9e1b86b72be4b62cfd65dc35a4

    • SHA1

      f0bfda04e80abbcfea46b4e6c9d7b5a5d0a3182e

    • SHA256

      37856156e82f789bda94a0c09e8db9d78d22f018d315224c579aadfe28e5b1d9

    • SHA512

      7a2f41040635598aea812438ec6550fa304dc64ae277d91449f74ea0118d9fe81584c7328d12c5d66a26ea11a1e6d7eaf70a542e777610e7e660852b4d2a6f57

    • SSDEEP

      6144:eUgLpjp90jrpL6sz42bqrJiZXU+lpEoZ2v3pCLT0mY0:eUg91qjrlJzCUZXU+7E3v5CLTJP

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks