General

  • Target: 4d08cb5564153fd74a915ad17e7e38d0df7f6934ce8eec271c9ab6aa2fec7336.exe
  • Size: 295KB
  • Sample: 241112-y2b5ysyrev
  • MD5: 36eeeaf7155dedb16484b5ee6e04a4a5
  • SHA1: 322a64d94d6b0e9b030a873d81fa4c2c867a1ab6
  • SHA256: 4d08cb5564153fd74a915ad17e7e38d0df7f6934ce8eec271c9ab6aa2fec7336
  • SHA512: dd1103c82d4e099c5bca01a7cd1e1f12327c409804663ce4c91ecf538e7b47fb2ac47e05f3900e1fe72c09401140690aa9e0b66c9a6fc58ac51c316d6ccbaff1
  • SSDEEP: 6144:YMttpW0qxxHGmztqbXkXNskr/Dniki3aWPD9W2:f3A5q7kdskrLiki3aWPA2

Malware Config

Extracted

  • Family: redline
  • Botnet: rosn
  • C2: 176.113.115.145:4125
  • Attributes
    • auth_value: 050a19e1db4d0024b0f23b37dcf961f4

Targets

    • RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
    • RedLine payload
    • Redline family

MITRE ATT&CK Enterprise v15

Tasks