General

  • Target

    b634bcb6b1521453a341fe8f068fcaa62c6c98faba4d6043cc8ce1ac9791d752N.exe

  • Size

    176KB

  • Sample

    241113-ravpnawpcr

  • MD5

    1b402a9bd4a12d99fe0ebea6de098b40

  • SHA1

    410678390e1e64c468ad38eb3c612b4a6c9c9a59

  • SHA256

    b634bcb6b1521453a341fe8f068fcaa62c6c98faba4d6043cc8ce1ac9791d752

  • SHA512

    68376dc406b401df6807b328ac6110e06a421b92423cf0301a2c0afc1ea1f5f6bac02e2120257644d24fa3a613ae6e0069570dfc4166a08ecaa1e7ec93d537bb

  • SSDEEP

    3072:pxqZWzvagwoMR3I58ZlHeR5FthXfxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOb:bqZVY8qth

Malware Config

Extracted

Family

redline

Botnet

spora

C2

176.113.115.145:4125

Attributes
  • auth_value

    441b39ab37774b2ca9931c31e1bc6071

Targets

    • Target

      b634bcb6b1521453a341fe8f068fcaa62c6c98faba4d6043cc8ce1ac9791d752N.exe

    • Size

      176KB

    • MD5

      1b402a9bd4a12d99fe0ebea6de098b40

    • SHA1

      410678390e1e64c468ad38eb3c612b4a6c9c9a59

    • SHA256

      b634bcb6b1521453a341fe8f068fcaa62c6c98faba4d6043cc8ce1ac9791d752

    • SHA512

      68376dc406b401df6807b328ac6110e06a421b92423cf0301a2c0afc1ea1f5f6bac02e2120257644d24fa3a613ae6e0069570dfc4166a08ecaa1e7ec93d537bb

    • SSDEEP

      3072:pxqZWzvagwoMR3I58ZlHeR5FthXfxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOb:bqZVY8qth

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks