General

  • Target

    12640e1e6ddf04872b60e3ae07424ff42aaccb3c00907f546498dc72e75127e0N.exe

  • Size

    311KB

  • Sample

    241113-rraqtasqfy

  • MD5

    3d74579a75d8c0c30c1aee79bddd8d40

  • SHA1

    75d925cd049d16b9a9fd768c5f84cc80c39549ce

  • SHA256

    12640e1e6ddf04872b60e3ae07424ff42aaccb3c00907f546498dc72e75127e0

  • SHA512

    e4f0264c9495c8655be64d445d1d398c8bc003e92104b22d933d6bff2995419b339bf8d0248dd57d4defa40436ce9cca0dd7b3bbaa6042d69a7c598a1d85a05b

  • SSDEEP

    6144:nEcg4bD0PzULBTHbVEsoslFUEpmIfuXmJQNT:nM4f0bULBThEJ/smIfumI

Malware Config

Extracted

Family

redline

Botnet

rosn

C2

176.113.115.145:4125

Attributes
  • auth_value

    050a19e1db4d0024b0f23b37dcf961f4

Targets

    • Target

      12640e1e6ddf04872b60e3ae07424ff42aaccb3c00907f546498dc72e75127e0N.exe

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
