General

  • Target

    8e939a926bfe48fd001872ad8076201db60ad93e761649d0684d0444a432a57d

  • Size

    425KB

  • Sample

    241111-hsg2vatrgv

  • MD5

    78e7fc858da95aade56f5b5f00cef825

  • SHA1

    dbb85a12a1d046e4b99b338f3c91637ac11632c3

  • SHA256

    8e939a926bfe48fd001872ad8076201db60ad93e761649d0684d0444a432a57d

  • SHA512

    319cd9c08b053c7f420b23c6cba8f3a4db64b7b87dab634cc4fe32c1cf253a85e2eb3e98dd82c7ab5833321fa97a19953850c481dda60dd8ea5814fd42822443

  • SSDEEP

    6144:ZhEhUR7NXRNcctWZzL2SeCi+AkDG/Jl7kP6YYUayvLHHZlofiDP9LtQtyfWJ:ZhEhQ1MLm+ANxl7kP6YYUDvLXoEVLOy

Malware Config

Extracted

Family

redline

Botnet

bbtt1

C2

212.193.30.196:13040

Attributes
  • auth_value

    fd6c3db35926ff1b33d500d0fb0ce060
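
The extracted configuration above (C2 socket 212.193.30.196:13040, botnet ID bbtt1) and the file hashes in the General section are the indicators a responder would pivot on. The following Python is an added example, not part of the sandbox report and not RedLine tooling: it checks a file's digests against the report's hashes, scans a constructed flow log for connections to the C2 socket, and emits a Suricata-style rule for that socket. The flow-log line format, the function names (hash_bytes, matches_sample, find_c2_connections, suricata_rule) and the rule sid are assumptions made for the example; the auth_value attribute is not used here.

```python
"""Turn the extracted RedLine config and file hashes into checks.

Added example, not part of the sandbox report. The indicator values are
copied from the report; the file bytes and flow log lines are constructed.
"""
import hashlib
import re

# Indicators copied from the report.
SAMPLE_HASHES = {
    "md5": "78e7fc858da95aade56f5b5f00cef825",
    "sha1": "dbb85a12a1d046e4b99b338f3c91637ac11632c3",
    "sha256": "8e939a926bfe48fd001872ad8076201db60ad93e761649d0684d0444a432a57d",
}
C2_HOST = "212.193.30.196"
C2_PORT = 13040
BOTNET_ID = "bbtt1"


def hash_bytes(data: bytes) -> dict:
    """Return md5/sha1/sha256 hex digests of a file's contents."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def matches_sample(data: bytes) -> bool:
    """True if any digest of `data` equals the corresponding report digest.

    Checking all three algorithms means a single mistyped indicator in one
    column does not silently disable the whole match.
    """
    digests = hash_bytes(data)
    return any(digests[k] == v for k, v in SAMPLE_HASHES.items())


# Assumed flow-log line format: "<ts> <src_ip>:<src_port> -> <dst_ip>:<dst_port> <proto>"
_FLOW_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<src>\d+\.\d+\.\d+\.\d+):(?P<sport>\d+)\s*->\s*"
    r"(?P<dst>\d+\.\d+\.\d+\.\d+):(?P<dport>\d+)\s+(?P<proto>\w+)"
)


def find_c2_connections(log_lines):
    """Return (timestamp, source ip) for every flow that reaches the C2 socket.

    Both host and port must match: the same host on another port is not
    evidence of this config's C2 channel and is deliberately not flagged.
    """
    hits = []
    for line in log_lines:
        m = _FLOW_RE.match(line.strip())
        if not m:
            continue  # not a flow record; skip rather than guess
        if m["dst"] == C2_HOST and int(m["dport"]) == C2_PORT:
            hits.append((m["ts"], m["src"]))
    return hits


def suricata_rule(sid: int = 1000001) -> str:
    """Emit a Suricata/Snort-style rule for outbound traffic to the C2 socket."""
    return (
        f"alert tcp $HOME_NET any -> {C2_HOST} {C2_PORT} "
        f'(msg:"RedLine Stealer C2 ({BOTNET_ID}) from sandbox report"; '
        f"flow:to_server; sid:{sid}; rev:1;)"
    )


# Constructed flow log for demonstration (not captured from the sample).
SAMPLE_LOG = [
    "2024-11-11T10:00:01Z 10.0.0.15:49812 -> 212.193.30.196:13040 tcp",
    "2024-11-11T10:00:02Z 10.0.0.15:49813 -> 93.184.216.34:443 tcp",
    "2024-11-11T10:00:03Z 10.0.0.22:51000 -> 212.193.30.196:443 tcp",
    "not a flow record",
    "2024-11-11T10:05:00Z 10.0.0.22:51001 -> 212.193.30.196:13040 tcp",
]

if __name__ == "__main__":
    print(find_c2_connections(SAMPLE_LOG))
    print(suricata_rule())
    print(matches_sample(b"not the sample"))
```

Hash matching only catches this exact build; the C2 socket and botnet ID are the more durable pivot, since RedLine builds are repacked far more often than their configured C2 is changed.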

Targets

    • Target

      8e939a926bfe48fd001872ad8076201db60ad93e761649d0684d0444a432a57d

    • Size

      425KB

    • MD5

      78e7fc858da95aade56f5b5f00cef825

    • SHA1

      dbb85a12a1d046e4b99b338f3c91637ac11632c3

    • SHA256

      8e939a926bfe48fd001872ad8076201db60ad93e761649d0684d0444a432a57d

    • SHA512

      319cd9c08b053c7f420b23c6cba8f3a4db64b7b87dab634cc4fe32c1cf253a85e2eb3e98dd82c7ab5833321fa97a19953850c481dda60dd8ea5814fd42822443

    • SSDEEP

      6144:ZhEhUR7NXRNcctWZzL2SeCi+AkDG/Jl7kP6YYUayvLHHZlofiDP9LtQtyfWJ:ZhEhQ1MLm+ANxl7kP6YYUDvLXoEVLOy

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks