General

  • Target

    61a31f67461050163d1083555ec50622b532ec197cb446501cab984e8e97379f.exe

  • Size

    311KB

  • Sample

    241113-yn6seaxpbz

  • MD5

    83e79c094f2efb44c37c575c79368173

  • SHA1

    55972693c072c7cbc81015b1296f4db850660bdf

  • SHA256

    61a31f67461050163d1083555ec50622b532ec197cb446501cab984e8e97379f

  • SHA512

    044b11c5e310c3e4bd4532adf7de7ab374d1f29cec4c81670d70d8b490f9af2c3dbc349916c54d0191fadfaeb99bf73248a296069880dec4a8f8399ba4b8bc48

  • SSDEEP

    6144:NkgAYnCO/SuhHtNfhFwErILIQv91GW/6vS4pHTU:NhCOX7ZHe91GW/6bzU

Malware Config

Extracted

Family

redline

Botnet

rosn

C2

176.113.115.145:4125

Attributes
  • auth_value

    050a19e1db4d0024b0f23b37dcf961f4

Targets

    • Target

      61a31f67461050163d1083555ec50622b532ec197cb446501cab984e8e97379f.exe

    • Size

      311KB

    • MD5

      83e79c094f2efb44c37c575c79368173

    • SHA1

      55972693c072c7cbc81015b1296f4db850660bdf

    • SHA256

      61a31f67461050163d1083555ec50622b532ec197cb446501cab984e8e97379f

    • SHA512

      044b11c5e310c3e4bd4532adf7de7ab374d1f29cec4c81670d70d8b490f9af2c3dbc349916c54d0191fadfaeb99bf73248a296069880dec4a8f8399ba4b8bc48

    • SSDEEP

      6144:NkgAYnCO/SuhHtNfhFwErILIQv91GW/6vS4pHTU:NhCOX7ZHe91GW/6bzU

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks