General

  • Target

    86176f1c511e7b7d4a12270c6b8c78ccfdd8c6dc6451871a9abe67cae16fe1e3.exe

  • Size

    297KB

  • Sample

    241113-ymktjs1qdn

  • MD5

    1fe6c6f464e745f7e926943bb35729b6

  • SHA1

    842792dfa330a124fa08d867bd6467d9abe66378

  • SHA256

    86176f1c511e7b7d4a12270c6b8c78ccfdd8c6dc6451871a9abe67cae16fe1e3

  • SHA512

    a93be54e568054f2534c13e6127446528ac57c66ae85ddae407004fe1cfb49c9f3bb8df8366a084c1fd914e6679dfd5977a40ce6fb32ce30c1b5928ea2506229

  • SSDEEP

    6144:I28DSvty5l36R8Mo4e8MoFINiDvqx9mTSXOXJ1BDBeBmZ0eA:Kmk5p6R8Moqf+ig9mj19eBmrA

Malware Config

Extracted

Family

redline

Botnet

rosn

C2

176.113.115.145:4125

Attributes
  • auth_value

    050a19e1db4d0024b0f23b37dcf961f4

Targets

    • Target

      86176f1c511e7b7d4a12270c6b8c78ccfdd8c6dc6451871a9abe67cae16fe1e3.exe

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
