General

  • Target

    85949ffad7b1ffc37980c2d8cb09c4ba2c49e1489d719317060d4a84fbd751f5N.exe

  • Size

    175KB

  • Sample

    241113-re7j1stcrm

  • MD5

    54d3395024266bf1d2c019578315bff0

  • SHA1

    4b6d7dd88721731c40c2526309242b51aad1971d

  • SHA256

    85949ffad7b1ffc37980c2d8cb09c4ba2c49e1489d719317060d4a84fbd751f5

  • SHA512

    e97d4a6e7fac75f943a5884491e8eca0c334c2c1adc01d2daa01638359448398255494635e6b0e78625f731d6fe875a82e15148da67647fad9f5cfc8f34c9167

  • SSDEEP

    3072:UxqZWZRanU2n0K56dWfex5FGhyTxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOuM:qqZgSSbGh

Malware Config

Extracted

Family

redline

Botnet

lift

C2

176.113.115.145:4125

Attributes
  • auth_value

    94f33c242a83de9dcc729e29ec435dfb
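The extracted configuration is the actionable part of this report: a C2 socket to hunt for in network telemetry and an auth_value string that can be searched for in process memory or other samples. The following Python is an added example, not part of the report or of the sandbox's own tooling. It turns the config values above into indicators, checks a file against the report's hashes before analysis, scans a constructed Zeek-style conn.log excerpt (seven columns assumed: ts, uid, id.orig_h, id.orig_p, id.resp_h, id.resp_p, proto), searches a constructed memory blob for the auth_value in both ASCII and UTF-16LE (RedLine is .NET, so in-memory strings are normally UTF-16LE), and emits a Suricata rule for the C2. The log lines, the memory blob and the sid are constructed placeholders.

```python
"""Turn a sandbox-extracted RedLine config into IOCs and apply them.

Added example; the config and hash values are copied from the report,
everything else (log lines, memory blob, rule sid) is constructed.
"""
import hashlib
import ipaddress

# Values copied from the report's "Malware Config" section.
EXTRACTED_CONFIG = {
    "family": "redline",
    "botnet": "lift",
    "c2": ["176.113.115.145:4125"],
    "auth_value": "94f33c242a83de9dcc729e29ec435dfb",
}

# Hashes copied from the report's "General" section.
SAMPLE_HASHES = {
    "md5": "54d3395024266bf1d2c019578315bff0",
    "sha1": "4b6d7dd88721731c40c2526309242b51aad1971d",
    "sha256": "85949ffad7b1ffc37980c2d8cb09c4ba2c49e1489d719317060d4a84fbd751f5",
}

# Constructed Zeek conn.log excerpt (tab separated, seven columns assumed):
# ts, uid, id.orig_h, id.orig_p, id.resp_h, id.resp_p, proto
CONN_LOG = (
    "1731512345.120\tCtest1\t10.0.0.5\t49712\t176.113.115.145\t4125\ttcp\n"
    "1731512346.300\tCtest2\t10.0.0.5\t49713\t176.113.115.145\t443\ttcp\n"
    "1731512347.900\tCtest3\t10.0.0.7\t49714\t93.184.216.34\t443\ttcp\n"
)

# Constructed process-memory excerpt: the auth_value stored as UTF-16LE,
# which is how a .NET string sits in memory.
MEMORY_BLOB = (
    b"\x00\x00junk\x00"
    + EXTRACTED_CONFIG["auth_value"].encode("utf-16-le")
    + b"\x00tail\x00"
)


def verify_sample(data, expected):
    """Compare a file's hashes with the report's; a mismatch means you are
    not looking at the analysed sample (repacked, truncated, wrong file)."""
    return {
        name: hashlib.new(name, data).hexdigest() == digest
        for name, digest in expected.items()
    }


def parse_c2(entry):
    """Split 'ip:port'; raise ValueError if the host is not an IP literal."""
    host, _, port = entry.rpartition(":")
    ipaddress.ip_address(host)
    return host, int(port)


def config_to_iocs(cfg):
    """Derive network and string indicators from the extracted config."""
    iocs = {"ip": set(), "ip_port": set(), "string": set()}
    for entry in cfg["c2"]:
        host, port = parse_c2(entry)
        iocs["ip"].add(host)
        iocs["ip_port"].add((host, port))
    iocs["string"].add(cfg["auth_value"])
    return iocs


def scan_conn_log(log_text, iocs):
    """Return (uid, resp_h, resp_p, verdict) for connections to C2 hosts.
    An exact ip:port match is a strong hit; same IP on another port is
    weaker (shared hosting, operator re-using the box) but still worth a look."""
    hits = []
    for line in log_text.splitlines():
        fields = line.split("\t")
        if len(fields) < 7:
            continue
        _ts, uid, _orig_h, _orig_p, resp_h, resp_p, _proto = fields[:7]
        if (resp_h, int(resp_p)) in iocs["ip_port"]:
            hits.append((uid, resp_h, int(resp_p), "c2_exact"))
        elif resp_h in iocs["ip"]:
            hits.append((uid, resp_h, int(resp_p), "c2_ip_only"))
    return hits


def find_config_strings(blob, strings):
    """Search raw bytes for each indicator string as ASCII and UTF-16LE."""
    found = {}
    for s in sorted(strings):
        for enc in ("ascii", "utf-16-le"):
            if s.encode(enc) in blob:
                found.setdefault(s, []).append(enc)
    return found


def suricata_rule(host, port, sid, botnet=EXTRACTED_CONFIG["botnet"]):
    """Emit a minimal Suricata rule for outbound traffic to the C2 socket."""
    return (
        f"alert tcp $HOME_NET any -> {host} {port} "
        f'(msg:"RedLine C2 (botnet {botnet}) {host}:{port}"; '
        f"flow:to_server; sid:{sid}; rev:1;)"
    )


if __name__ == "__main__":
    iocs = config_to_iocs(EXTRACTED_CONFIG)
    print(verify_sample(b"not the real sample", SAMPLE_HASHES))
    for hit in scan_conn_log(CONN_LOG, iocs):
        print(hit)
    print(find_config_strings(MEMORY_BLOB, iocs["string"]))
    print(suricata_rule("176.113.115.145", 4125, sid=1000001))
```

The hash check is deliberately first: a stealer sample that has been re-packed or padded by a downloader will carry the same behaviour but none of these hashes, so only the extracted C2 and auth_value survive as indicators, and those are what the rest of the script keys on.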

Targets

    • Target

      85949ffad7b1ffc37980c2d8cb09c4ba2c49e1489d719317060d4a84fbd751f5N.exe

    • Size

      175KB

    • MD5

      54d3395024266bf1d2c019578315bff0

    • SHA1

      4b6d7dd88721731c40c2526309242b51aad1971d

    • SHA256

      85949ffad7b1ffc37980c2d8cb09c4ba2c49e1489d719317060d4a84fbd751f5

    • SHA512

      e97d4a6e7fac75f943a5884491e8eca0c334c2c1adc01d2daa01638359448398255494635e6b0e78625f731d6fe875a82e15148da67647fad9f5cfc8f34c9167

    • SSDEEP

      3072:UxqZWZRanU2n0K56dWfex5FGhyTxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOuM:qqZgSSbGh

    • RedLine

      RedLine Stealer is an information-stealing malware family written in C# (.NET), first seen in early 2020. It harvests saved browser credentials, cookies and autofill data, cryptocurrency wallet files and basic host information, and submits them to the operator's C2 (here 176.113.115.145:4125, botnet "lift").

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks