General

  • Target

    ea92ca01c53d2a40f313d27966d8d6dce4edccf39a379b52aa940f4472d483b9.exe

  • Size

    325KB

  • Sample

    241113-zpaa9syhqj

  • MD5

    9e72622faa2be02f2f0577708ae874e1

  • SHA1

    7844381d61639b09d53a34571425447b50699d0b

  • SHA256

    ea92ca01c53d2a40f313d27966d8d6dce4edccf39a379b52aa940f4472d483b9

  • SHA512

    bd592e0556ea75b9c6071eb5382e2de2a36ced78a8267c397475cd930ab5925ba27e36ba737bbfe9ad2e47758831340985c076b4950279476db334bb0202cdb6

  • SSDEEP

    6144:4kQuOSvy0tyg9E4rCRf9DX6E0ZYYIvNyEm8N6:49uOSvy+RC+EOxIvgEmf

Malware Config

Extracted

  • Family

    redline

  • Botnet

    TripleSBanks

  • C2

    185.143.223.90:10024

  • Attributes

    auth_value: 064872fe393e6f3a6d60eca59269d528

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks