General

  • Target

    beef48a3d590858e9d5464b31a25d20fe1818377c2603e72480ef89de17ab609

  • Size

    169KB

  • Sample

    241115-ca8h7azpbp

  • MD5

    8af0e6d753c8a96c74d6a0cb4e2e6471

  • SHA1

    a36f0472ab0d63e0f94a242b5ae0074402143091

  • SHA256

    beef48a3d590858e9d5464b31a25d20fe1818377c2603e72480ef89de17ab609

  • SHA512

    cf7058fed0fa39d27305822e0139aa0af60fcdb6cdf079585c45a6871d3f509b8b61a16870e97c4346ee92437a5a09dfd56940ef05f70594364101e272db1808

  • SSDEEP

    1536:jyOHBgqlVZRGWQ3ZrrQUYH9izdOzu2dTGqVibuTjNkZOjgAVU83wYke8e8hf:jyOhyTI7YqV2KqZOjgAVUw8e8hf

Malware Config

Extracted

Family

redline

Botnet

diza

C2

77.91.124.145:4125

Attributes

  • auth_value

    bbab0d2f0ae4d4fdd6b17077d93b3e80

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks