General

  • Target

    261c11c27377273bed4713d9c611e73a5087b8d825b0acf165743708e6cece62N.exe

  • Size

    175KB

  • Sample

    241114-g9t73aypel

  • MD5

    28df937a19df623ece89b6b8eba69440

  • SHA1

    56fa01bb45a48bfacb2f56a6d5038dc7098e472e

  • SHA256

    261c11c27377273bed4713d9c611e73a5087b8d825b0acf165743708e6cece62

  • SHA512

    d44a7d91f94117782ceb79f61fd1cbeeabf0141fc749a0f6e32402f675fb3657dda6a797b4a53f1c39561ba49bf3a76399b617011eb49f34c4951ad14140329c

  • SSDEEP

    3072:4xqZWZRanU2n0/Z62eJ5evJ9ih+PxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOm:mqZg/Z6XJIih

Malware Config

Extracted

  • Family

    redline

  • Botnet

    from

  • C2

    176.113.115.145:4125

  • Attributes

      • auth_value

        8633e283485822a4a48f0a41d5397566

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
