General

  • Target

    a593fb677c80bd09623c61f4715dfce3b97dbbae100eef33c44a2f4103463d61N.exe

  • Size

    175KB

  • Sample

    241111-rms2latlem

  • MD5

    210ea7e723b70e02a663a2f2d5522df9

  • SHA1

    cb93ca0a2598e660435ebddb14386e1595aeb75a

  • SHA256

    2c472251381c4130eac0a56ea2526a974bf3f03ed05a00fd6f32e5d0f79b0549

  • SHA512

    f7eb224046bd4e307c618f77fe79a48414fcfd46913327d32c22867eca3c4d2f70e9cbb13ba74630fe6ad16b4f136eab7a086121687d46edc032b7e479e06cf0

  • SSDEEP

    3072:4xqZWZRanU2n0/Z62eJ5evJ9ih+PxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOr:mqZg/Z6XJIih+

Malware Config

Extracted

  • Family

    redline

  • Botnet

    from

  • C2

    176.113.115.145:4125

  • Attributes

    auth_value: 8633e283485822a4a48f0a41d5397566

Targets

    • Target

      a593fb677c80bd09623c61f4715dfce3b97dbbae100eef33c44a2f4103463d61N.exe (hashes as listed under General above)

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks