General

  • Target

    6abd0a73d028b116cc1451d0c9c0587e3ecf2595ef527156e9b74b8d7d1b8797N.exe

  • Size

    168KB

  • Sample

    241113-z2zfxsylgv

  • MD5

    e9126a5d91ee844b638130abf1cf4bb0

  • SHA1

    79f12bf8c5f2d326c6d1d7239a24528fd9842031

  • SHA256

    6abd0a73d028b116cc1451d0c9c0587e3ecf2595ef527156e9b74b8d7d1b8797

  • SHA512

    8f23d82cae2e5a2959825ca39af70942da663c172235201a31d16be110f6eb8f965f86f0610aade818fb880550c2e0928418489d0d5a01a07b83add0df55ade8

  • SSDEEP

    1536:hjF5fMRsqlVZRGWt5IrPwCjA1z1wWTGqVKbuChcbaqldi9KxG83wYko8e8hj:hjnSLljlSqV+rybdldi9Kwa8e8hj

Malware Config

Extracted

Family

redline

Botnet

maxbi

C2

185.161.248.73:4164

Attributes
  • auth_value

    6aa7dba884fe45693dfa04c91440daef

Targets

    • Target

      6abd0a73d028b116cc1451d0c9c0587e3ecf2595ef527156e9b74b8d7d1b8797N.exe

    • Size

      168KB

    • MD5

      e9126a5d91ee844b638130abf1cf4bb0

    • SHA1

      79f12bf8c5f2d326c6d1d7239a24528fd9842031

    • SHA256

      6abd0a73d028b116cc1451d0c9c0587e3ecf2595ef527156e9b74b8d7d1b8797

    • SHA512

      8f23d82cae2e5a2959825ca39af70942da663c172235201a31d16be110f6eb8f965f86f0610aade818fb880550c2e0928418489d0d5a01a07b83add0df55ade8

    • SSDEEP

      1536:hjF5fMRsqlVZRGWt5IrPwCjA1z1wWTGqVKbuChcbaqldi9KxG83wYko8e8hj:hjnSLljlSqV+rybdldi9Kwa8e8hj

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks