General

  • Target

    1bc3acf0f946684a1e6367f941460e4c359755a24e716f34eede42dc0db9c78e.exe

  • Size

    403KB

  • Sample

    241113-phemassbpm

  • MD5

    d2457dbe5979649366dcd81255759b73

  • SHA1

    cbb4af18d3c166a3cf3b4d7e5ded40b0bcaf5e58

  • SHA256

    1bc3acf0f946684a1e6367f941460e4c359755a24e716f34eede42dc0db9c78e

  • SHA512

    e2b5c9621caa455a0115e04a9b8bef743c17854f1d1da2bde0cdd8670899f52147417160a2e5fff615fa4d917975eef0c5c51403a3ad38ebb41b2efeb2b34c54

  • SSDEEP

    6144:3IQX0MvmkY7ZCulsqm03mIUUMrMzU8iHNL7NlFBa:3IQkMvmkYNCuGqJWIkMHitvHFBa

Malware Config

Extracted

  • Family

    redline

  • Botnet

    rosn

  • C2

    176.113.115.145:4125

Attributes

  • auth_value

    050a19e1db4d0024b0f23b37dcf961f4

Targets

    • Target

      1bc3acf0f946684a1e6367f941460e4c359755a24e716f34eede42dc0db9c78e.exe

    • Size

      403KB

    • MD5

      d2457dbe5979649366dcd81255759b73

    • SHA1

      cbb4af18d3c166a3cf3b4d7e5ded40b0bcaf5e58

    • SHA256

      1bc3acf0f946684a1e6367f941460e4c359755a24e716f34eede42dc0db9c78e

    • SHA512

      e2b5c9621caa455a0115e04a9b8bef743c17854f1d1da2bde0cdd8670899f52147417160a2e5fff615fa4d917975eef0c5c51403a3ad38ebb41b2efeb2b34c54

    • SSDEEP

      6144:3IQX0MvmkY7ZCulsqm03mIUUMrMzU8iHNL7NlFBa:3IQkMvmkYNCuGqJWIkMHitvHFBa

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks