General

  • Target

    2c0ee175d211f563f3a06e1c4953d5aa98a9827a7d45b8dce93eb2d63387be3cN.exe

  • Size

    292KB

  • Sample

    241113-q3aphstbjj

  • MD5

    cc0ad672b2f5422b2011deb2fcd1a790

  • SHA1

    70edc3599a0b0273cbdfc832c22cbcd55f5ce783

  • SHA256

    2c0ee175d211f563f3a06e1c4953d5aa98a9827a7d45b8dce93eb2d63387be3c

  • SHA512

    bf5994e226c26e4e603c7768e4136e3664a555d717731aa60af9547993e4809bedffaf4544069336e8e0a14079ade073ce2bda499a9a82e2915970345f64cbfa

  • SSDEEP

    6144:K5O5bGOnQ3+zzaefehu+wPl+DVi2bd5ph3lqIyup:K5gbGOucfeUWV9blqI

Malware Config

Extracted

Family

redline

Botnet

rosn

C2

176.113.115.145:4125

Attributes
  • auth_value

    050a19e1db4d0024b0f23b37dcf961f4

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
