General

  • Target

    c5cb5a169a64b3d25c1869607ac182e82180ea0b321d7c2fdbc78801d5076719.exe

  • Size

    175KB

  • Sample

    241113-y3nv5sxqew

  • MD5

    a4c551192e426375b26711e6e5ff5b47

  • SHA1

    51a9c2a1da9b85022ac8900ade831ba6ccb30d73

  • SHA256

    c5cb5a169a64b3d25c1869607ac182e82180ea0b321d7c2fdbc78801d5076719

  • SHA512

    4d902eb9fea98079c37016d7f6e09123d58870ff7652cf09550ad85e07baf911458efba1d3c52b5cf36ef8d3e3277d59a7d42291a7ebd33df7833e1fc2ea11bd

  • SSDEEP

    3072:yxqZWDfnaxIF63WUX+BJe5bF+h3HxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOk:gqZcmWkUM+hK

Malware Config

Extracted

Family

redline

Botnet

fomich

C2

melevv.eu:4162

Attributes

  • auth_value

    b018e52ac946001794d8b8c23e901859

Targets

    • Target

      c5cb5a169a64b3d25c1869607ac182e82180ea0b321d7c2fdbc78801d5076719.exe

    • Size

      175KB

    • MD5

      a4c551192e426375b26711e6e5ff5b47

    • SHA1

      51a9c2a1da9b85022ac8900ade831ba6ccb30d73

    • SHA256

      c5cb5a169a64b3d25c1869607ac182e82180ea0b321d7c2fdbc78801d5076719

    • SHA512

      4d902eb9fea98079c37016d7f6e09123d58870ff7652cf09550ad85e07baf911458efba1d3c52b5cf36ef8d3e3277d59a7d42291a7ebd33df7833e1fc2ea11bd

    • SSDEEP

      3072:yxqZWDfnaxIF63WUX+BJe5bF+h3HxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOk:gqZcmWkUM+hK

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks