General

  • Target

    bc356b6c3f7808526388f007e41987639054d7d230a8a95719911cb88669633fN.exe

  • Size

    348KB

  • Sample

    241113-nw243svkan

  • MD5

    d34438da2bad1565c09d86e1d5b0ee20

  • SHA1

    90b1e83fc1ee049e12327f8ceb17298bed567668

  • SHA256

    bc356b6c3f7808526388f007e41987639054d7d230a8a95719911cb88669633f

  • SHA512

    7f613da29bbe496dfe9ec97b4e9e1b0fe03f61f49b412c2aeab37b0f219051d41eb3d49b5db2775b17378de41c08dc2e9f2f25f16c2c42989ece8ca9164ce6ab

  • SSDEEP

    6144:djzN7H3uaHv+wbbx9hPx2hWMudLJ0QVGzqiKbwwHaW:dnN7XuaP+Ux9VxRRd6zMH

Malware Config

Extracted

  • Family

    redline

  • Botnet

    rosn

  • C2

    176.113.115.145:4125

  • Attributes

    auth_value: 050a19e1db4d0024b0f23b37dcf961f4

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
