General

  • Target

    07ccfbda600fa7970ca703794e8d504bdde0d535d8ed6c228e41a8041c8a5698

  • Size

    292KB

  • Sample

    241112-x3gldssmhr

  • MD5

    fa0ffcabdcb9ff9c067ceb390ace3408

  • SHA1

    23fb1e52bc94fa62dcf0ea72582a434b6599ebbf

  • SHA256

    07ccfbda600fa7970ca703794e8d504bdde0d535d8ed6c228e41a8041c8a5698

  • SHA512

    c9edb9fe01a584946381ca577099d576bb45268c9f3e2a455af78d893fdeca8c436a82ff48261476d70fa03d206d67da8a71205d73f21893bcc757d71bc1c350

  • SSDEEP

    6144:100ZoaDhtIvC/Y5SYL6uhIZD9fA1+uMIxveH9aiClZf5:10ShtIvZXL6umXI1+ulAMiClZ

Malware Config

Extracted

Family

redline

Botnet

rosn

C2

176.113.115.145:4125

Attributes
  • auth_value

    050a19e1db4d0024b0f23b37dcf961f4

Targets

    • Target

      07ccfbda600fa7970ca703794e8d504bdde0d535d8ed6c228e41a8041c8a5698

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
