General

  • Target

    d500f1dc338b02c71ea6ca79305732537f36586e70f20f0a973d56afb99f27ac.exe

  • Size

    295KB

  • Sample

    241113-ygjz3aybld

  • MD5

    2a04c4bcfc3cfd7270b034359bb500ee

  • SHA1

    8c9708411c272d84a556b8622ba117db141b8f83

  • SHA256

    d500f1dc338b02c71ea6ca79305732537f36586e70f20f0a973d56afb99f27ac

  • SHA512

    ea78f9e072e4b70e68d042ce29287face643fa53472c46902ba779b0ccc4e4a8fed7d1e4b1ae63c7781469c597d231200c4f8e4005aa637d67e0f187f2b33dbf

  • SSDEEP

    6144:OqhxOt5cQrAB+DO320DhCWqElzmNfG0ftpVjujf08nK:bhUt5cQrw+GhCIJ0ft/juI8K

Malware Config

Extracted

  • Family

    redline

  • Botnet

    rosn

  • C2

    176.113.115.145:4125

  • Attributes

    auth_value: 050a19e1db4d0024b0f23b37dcf961f4

Targets

    • Target

      d500f1dc338b02c71ea6ca79305732537f36586e70f20f0a973d56afb99f27ac.exe

    • Size

      295KB

    • MD5

      2a04c4bcfc3cfd7270b034359bb500ee

    • SHA1

      8c9708411c272d84a556b8622ba117db141b8f83

    • SHA256

      d500f1dc338b02c71ea6ca79305732537f36586e70f20f0a973d56afb99f27ac

    • SHA512

      ea78f9e072e4b70e68d042ce29287face643fa53472c46902ba779b0ccc4e4a8fed7d1e4b1ae63c7781469c597d231200c4f8e4005aa637d67e0f187f2b33dbf

    • SSDEEP

      6144:OqhxOt5cQrAB+DO320DhCWqElzmNfG0ftpVjujf08nK:bhUt5cQrw+GhCIJ0ft/juI8K

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks