General

  • Target

    4e547d18695e9b2d4891d7a9b0429370cddccaa2cab381c574f9577e650b404aN.exe

  • Size

    168KB

  • Sample

    241113-zvb22sygqd

  • MD5

    efeecdcca0000c949e0922f67746b7d0

  • SHA1

    28783c69faaaa5e856f8864c1bc66cab4866573e

  • SHA256

    4e547d18695e9b2d4891d7a9b0429370cddccaa2cab381c574f9577e650b404a

  • SHA512

    c25e85341933848b551017115aea26189784e84821095b034b3479a433b2e5e09b0817a4d1140e88e1dc6dfeebbc5fa3faaffbb54a16aab6dbe73c9a2ec5a0fe

  • SSDEEP

    3072:zbo2i9G9tCQUqVY+FRV1Qw88GjEop8e8hb:zbo2ik9E+F9Qw88GjEop

Malware Config

Extracted

Family

redline

Botnet

zima

C2

176.113.115.145:4125

Attributes
  • auth_value

    2ef701d510c0d27e8a8e3270281678b1
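The extracted config above is what a responder actually pivots on: the file hashes identify this exact build, and the C2 host:port (plus the per-build auth_value) identifies the infrastructure. The following Python block is an added example, not part of the sandbox report, showing how to turn those fields into two checks: verifying whether a file on hand is this sample, and sweeping connection logs for the C2 endpoint. The log lines and their `dst=IP:PORT` format are constructed for illustration.

```python
import hashlib
import re

# Indicators transcribed from the report above (exact-match IOCs for this build).
SAMPLE_HASHES = {
    "md5": "efeecdcca0000c949e0922f67746b7d0",
    "sha1": "28783c69faaaa5e856f8864c1bc66cab4866573e",
    "sha256": "4e547d18695e9b2d4891d7a9b0429370cddccaa2cab381c574f9577e650b404a",
}
C2_HOST = "176.113.115.145"   # from the Malware Config "C2" field
C2_PORT = 4125


def hash_file_bytes(data: bytes) -> dict:
    """Return MD5/SHA1/SHA256 hex digests of in-memory bytes, keyed like SAMPLE_HASHES."""
    return {name: hashlib.new(name, data).hexdigest() for name in SAMPLE_HASHES}


def matches_sample(data: bytes) -> bool:
    """True only when every listed digest matches; any repack or re-protect breaks this."""
    digests = hash_file_bytes(data)
    return all(digests[name] == expected for name, expected in SAMPLE_HASHES.items())


# Constructed log format (assumption): "... dst=<ipv4>:<port> ..." per line.
DST_RE = re.compile(r"\bdst=(?P<ip>\d{1,3}(?:\.\d{1,3}){3}):(?P<port>\d+)\b")


def find_c2_hits(log_lines) -> list:
    """Return the log lines whose destination is exactly the C2 host:port from the config.

    Port is matched as well as host: a hosting IP can serve unrelated traffic on
    other ports, and a host-only match produces noisy alerts.
    """
    hits = []
    for line in log_lines:
        m = DST_RE.search(line)
        if m and m.group("ip") == C2_HOST and int(m.group("port")) == C2_PORT:
            hits.append(line)
    return hits


# Constructed sample log lines (not taken from the report).
SAMPLE_LOG_LINES = [
    "2024-11-13T10:00:01Z src=10.0.0.5:51234 dst=176.113.115.145:4125 proto=tcp",
    "2024-11-13T10:00:02Z src=10.0.0.5:51235 dst=176.113.115.145:443 proto=tcp",
    "2024-11-13T10:00:03Z src=10.0.0.6:40000 dst=93.184.216.34:80 proto=tcp",
]

if __name__ == "__main__":
    for hit in find_c2_hits(SAMPLE_LOG_LINES):
        print("C2 contact:", hit)
    print("bytes match report hashes:", matches_sample(b"placeholder, not the sample"))
```

The exact hashes only ever match this one 168KB build; RedLine is routinely re-obfuscated, so use the SSDEEP value from the report for fuzzy comparison when a near-identical file turns up, and treat the C2 address and auth_value as build-specific rather than family-wide indicators.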

Targets

    • Target

      4e547d18695e9b2d4891d7a9b0429370cddccaa2cab381c574f9577e650b404aN.exe

    • Size

      168KB

    • MD5

      efeecdcca0000c949e0922f67746b7d0

    • SHA1

      28783c69faaaa5e856f8864c1bc66cab4866573e

    • SHA256

      4e547d18695e9b2d4891d7a9b0429370cddccaa2cab381c574f9577e650b404a

    • SHA512

      c25e85341933848b551017115aea26189784e84821095b034b3479a433b2e5e09b0817a4d1140e88e1dc6dfeebbc5fa3faaffbb54a16aab6dbe73c9a2ec5a0fe

    • SSDEEP

      3072:zbo2i9G9tCQUqVY+FRV1Qw88GjEop8e8hb:zbo2ik9E+F9Qw88GjEop

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks