General

  • Target

    0b5dc551a668ba885cc8533fe64216599602071e80912d4ec5244bb99ce49e1e.exe

  • Size

    175KB

  • Sample

    241111-syeh1s1cjm

  • MD5

    c26d235630eb779a56c898930ce3d73f

  • SHA1

    ad2f7a59a44b39ece546957700235072f1eafb17

  • SHA256

    0b5dc551a668ba885cc8533fe64216599602071e80912d4ec5244bb99ce49e1e

  • SHA512

    1f55db307e4923ae8023dbb19a4fea47111573d847d465ad9b05d34430f8f4ab56a8d719c514abfbd76bdb8474fbde5ed8e94e42c09954a2b64ba658b0ffba4c

  • SSDEEP

    3072:4xqZWZRanU2n0/Z62eJ5evJ9ih+PxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOs:mqZg/Z6XJIiht

Malware Config

Extracted

  • Family

    redline

  • Botnet

    from

  • C2

    176.113.115.145:4125

  • Attributes

    auth_value: 8633e283485822a4a48f0a41d5397566

Targets

    • Target

      0b5dc551a668ba885cc8533fe64216599602071e80912d4ec5244bb99ce49e1e.exe

    • Size

      175KB

    • MD5

      c26d235630eb779a56c898930ce3d73f

    • SHA1

      ad2f7a59a44b39ece546957700235072f1eafb17

    • SHA256

      0b5dc551a668ba885cc8533fe64216599602071e80912d4ec5244bb99ce49e1e

    • SHA512

      1f55db307e4923ae8023dbb19a4fea47111573d847d465ad9b05d34430f8f4ab56a8d719c514abfbd76bdb8474fbde5ed8e94e42c09954a2b64ba658b0ffba4c

    • SSDEEP

      3072:4xqZWZRanU2n0/Z62eJ5evJ9ih+PxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOs:mqZg/Z6XJIiht

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks