General

  • Target

    9aa81d3ca93bb3308b27f18e02a26dc713e351c5cd61bf25e6edd74814a7d12a.exe

  • Size

    175KB

  • Sample

    241112-hw6vdaxeqj

  • MD5

    7ef84418c37da7e2a78b6d7838e439a6

  • SHA1

    d8a61eae6b86fd30987d8488391e10e69610ce8b

  • SHA256

    9aa81d3ca93bb3308b27f18e02a26dc713e351c5cd61bf25e6edd74814a7d12a

  • SHA512

    3d3a31fe78cf6884ebb07dfaa6256b78a816bc9f796b5e197bfaf2580875f2d3193501aa58a57e78cdb6519d5215797f81aefd83658b579a1d37535d26241edc

  • SSDEEP

    3072:4xqZWZRanU2n0/Z62eJ5evJ9ih+PxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOS:mqZg/Z6XJIihx

Malware Config

Extracted

Family

redline

Botnet

from

C2

176.113.115.145:4125

Attributes
  • auth_value

    8633e283485822a4a48f0a41d5397566
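The extracted C2 endpoint and the file hashes in the General section are the actionable part of this report. The block below is an added example, not output of the sandbox or code from the report, showing how a responder would turn them into a file check and a connection-log sweep. The `dst=IP:PORT` log format and the log lines are constructed for the example; the hash and C2 values are copied from the report.

```python
"""IOC check built from the report above (added example, not part of the report).

- hashes_of / file_hashes compute the four digests the report lists
- match_report says which of them equal the report's values
- flag_c2_connections sweeps connection logs for the extracted C2
"""
import hashlib
import re

# IOCs copied verbatim from the report's General and Malware Config sections.
REPORT_HASHES = {
    "md5": "7ef84418c37da7e2a78b6d7838e439a6",
    "sha1": "d8a61eae6b86fd30987d8488391e10e69610ce8b",
    "sha256": "9aa81d3ca93bb3308b27f18e02a26dc713e351c5cd61bf25e6edd74814a7d12a",
    "sha512": (
        "3d3a31fe78cf6884ebb07dfaa6256b78a816bc9f796b5e197bfaf2580875f2d3"
        "193501aa58a57e78cdb6519d5215797f81aefd83658b579a1d37535d26241edc"
    ),
}
C2_HOST = "176.113.115.145"
C2_PORT = 4125


def hashes_of(data: bytes) -> dict:
    """Digest a byte string with every algorithm the report lists."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORT_HASHES}


def file_hashes(path: str) -> dict:
    """Same digests for a file on disk, streamed in 1 MiB chunks so large files are not read whole."""
    hashers = {name: hashlib.new(name) for name in REPORT_HASHES}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def match_report(digests: dict) -> set:
    """Return the set of algorithms whose digest equals the report's value.

    Any single match identifies the sample. A partial set (say md5 only) would
    point to a collision or a typo in the feed and deserves a manual look.
    """
    return {
        name for name, value in REPORT_HASHES.items()
        if digests.get(name, "").lower() == value
    }


# Constructed log format for this example: "<timestamp> src=IP:PORT dst=IP:PORT proto=tcp".
DST_RE = re.compile(r"\bdst=(?P<ip>\d{1,3}(?:\.\d{1,3}){3}):(?P<port>\d{1,5})\b")


def flag_c2_connections(lines):
    """Sweep connection logs for the extracted C2.

    Returns (line_number, verdict) pairs: "c2" for an exact host:port hit,
    "c2-host" for the same host on another port, which still deserves a look
    since the same server may be reused on a different port.
    """
    hits = []
    for lineno, line in enumerate(lines, start=1):
        m = DST_RE.search(line)
        if not m or m.group("ip") != C2_HOST:
            continue
        verdict = "c2" if int(m.group("port")) == C2_PORT else "c2-host"
        hits.append((lineno, verdict))
    return hits


# Constructed sample log: one exact C2 hit, one same-host/other-port hit,
# one unrelated destination, and one near-miss IP that must not match.
SAMPLE_LOG = [
    "2024-11-12T08:01:10Z src=10.0.0.17:51234 dst=142.250.74.78:443 proto=tcp",
    "2024-11-12T08:01:12Z src=10.0.0.17:51240 dst=176.113.115.145:4125 proto=tcp",
    "2024-11-12T08:02:00Z src=10.0.0.23:49812 dst=176.113.115.145:8080 proto=tcp",
    "2024-11-12T08:02:30Z src=10.0.0.17:51250 dst=176.113.115.1:4125 proto=tcp",
]


if __name__ == "__main__":
    for lineno, verdict in flag_c2_connections(SAMPLE_LOG):
        print(f"line {lineno}: {verdict}: {SAMPLE_LOG[lineno - 1]}")
    # Against a real file: match_report(file_hashes("/path/to/suspect.exe"))
```

`file_hashes` is what you point at a quarantined file; `hashes_of` exists so the same comparison can be exercised on in-memory data (and in tests) without touching disk. The near-miss address in the sample log is there because a naive substring search for `176.113.115.1` would match both the real C2 and an unrelated host.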

Targets

    • Target

      9aa81d3ca93bb3308b27f18e02a26dc713e351c5cd61bf25e6edd74814a7d12a.exe

    • Size

      175KB

    • MD5

      7ef84418c37da7e2a78b6d7838e439a6

    • SHA1

      d8a61eae6b86fd30987d8488391e10e69610ce8b

    • SHA256

      9aa81d3ca93bb3308b27f18e02a26dc713e351c5cd61bf25e6edd74814a7d12a

    • SHA512

      3d3a31fe78cf6884ebb07dfaa6256b78a816bc9f796b5e197bfaf2580875f2d3193501aa58a57e78cdb6519d5215797f81aefd83658b579a1d37535d26241edc

    • SSDEEP

      3072:4xqZWZRanU2n0/Z62eJ5evJ9ih+PxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOS:mqZg/Z6XJIihx

    • RedLine

      RedLine Stealer is an information-stealing malware family written in C# (.NET), first observed in early 2020. It harvests browser credentials, cookies, and cryptocurrency wallet data and reports to a configured C2 endpoint such as the one extracted above.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks