General

  • Target

    4bef2056486e62f775cf2f868aca3c764bc851d7ab3d009ba28fd808e10629e2

  • Size

    175KB

  • Sample

    241114-1qa5masrft

  • MD5

    2430448385e80c7bd6f3a4c836d56589

  • SHA1

    43eef6cf6d0dcf12e6f978924d86752cdf7ecf59

  • SHA256

    4bef2056486e62f775cf2f868aca3c764bc851d7ab3d009ba28fd808e10629e2

  • SHA512

    9f7f6dd75c2a0e18ef8f0ad1ae88a0ec2b1103bd075ea0c70425f2ae5197d45fbf2d21416bd7a4cc36f4c7553ab363d4e10d3246ef6564fd0bf6abbc811c7ec3

  • SSDEEP

    3072:4xqZWZRanU2n0/Z62eJ5evJ9ih+PxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOm:mqZg/Z6XJIih

Malware Config

Extracted

  • Family

    redline

  • Botnet

    from

  • C2

    176.113.115.145:4125

  • Attributes

    auth_value: 8633e283485822a4a48f0a41d5397566

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks