General

  • Target

    caa7f169c48e46a2f078ede0f4e3fe3701ce2d6fe1c2890d2da6e903324fbefa

  • Size

    359KB

  • Sample

    241115-cplb7sxbln

  • MD5

    f0a44ddf50aecba128f24811bfbf0b86

  • SHA1

    48e3eacdf44315ef0f03935b4b3edfdb7ac1253d

  • SHA256

    caa7f169c48e46a2f078ede0f4e3fe3701ce2d6fe1c2890d2da6e903324fbefa

  • SHA512

    1b3b9147761f2dec5630568789f7969f777f2b644fe43b0cb25d9d06017fe95c3bbb2e1604f66f1477002db32e291f7debfb4b65fa92bfda80a61ee5a936566f

  • SSDEEP

    6144:0nI50iLIkzSCvb63HhnRtUzLaL9v34yaiRSN4Q6dSK:b50ikk7jOHhF543jOd

Malware Config

Extracted

Family

redline

Botnet

sony

C2

193.233.20.33:4125

Attributes

  • auth_value

    1d93d1744381eeb4fcfd7c23ffe0f0b4
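The hashes in General and the C2 in the extracted config are the indicators a responder actually pivots on. The following is an added example, not part of the sandbox report or of any tooling it describes: it turns those values into two checks, a multi-algorithm hash match for a suspect file and a sweep of Zeek-style conn.log lines for flows to the C2 endpoint. The conn.log excerpt is constructed for the example, and the assumed column order (ts, uid, id.orig_h, id.orig_p, id.resp_h, id.resp_p, proto) is Zeek's default layout.

```python
import hashlib
import ipaddress

# Indicators copied from the report above: the sample's file hashes and the
# C2 endpoint from the extracted RedLine config.
SAMPLE_HASHES = {
    "md5": "f0a44ddf50aecba128f24811bfbf0b86",
    "sha1": "48e3eacdf44315ef0f03935b4b3edfdb7ac1253d",
    "sha256": "caa7f169c48e46a2f078ede0f4e3fe3701ce2d6fe1c2890d2da6e903324fbefa",
    "sha512": "1b3b9147761f2dec5630568789f7969f777f2b644fe43b0cb25d9d06017fe95c"
              "3bbb2e1604f66f1477002db32e291f7debfb4b65fa92bfda80a61ee5a936566f",
}
C2 = "193.233.20.33:4125"


def parse_c2(c2: str) -> tuple[str, int]:
    """Split a 'host:port' C2 string into (ip, port), rejecting malformed values."""
    host, sep, port_text = c2.rpartition(":")
    if not sep:
        raise ValueError(f"no port in C2 value {c2!r}")
    ipaddress.ip_address(host)          # raises ValueError if host is not an IP literal
    port = int(port_text)
    if not 0 < port < 65536:
        raise ValueError(f"port out of range in {c2!r}")
    return host, port


def digest_all(data: bytes) -> dict[str, str]:
    """Compute every algorithm the report lists, so one pass covers all of them."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in SAMPLE_HASHES}


def matching_algorithms(data: bytes) -> set[str]:
    """Return the algorithms whose digest of `data` equals the report's value.

    The sample itself matches all four; an unrelated file matches none.
    Checking more than one algorithm guards against a single mistyped hash
    in a ticket or blocklist.
    """
    digests = digest_all(data)
    return {alg for alg, expected in SAMPLE_HASHES.items()
            if digests[alg] == expected.lower()}


def find_c2_connections(conn_log_lines, c2: str = C2):
    """Scan Zeek-style conn.log lines for flows to the report's C2 endpoint.

    Assumed tab-separated column order (Zeek default):
    ts  uid  id.orig_h  id.orig_p  id.resp_h  id.resp_p  proto  ...
    Returns (orig_h, ts) for each flow whose responder is the C2 ip:port.
    """
    host, port = parse_c2(c2)
    hits = []
    for line in conn_log_lines:
        if line.startswith("#"):        # Zeek header/comment lines
            continue
        fields = line.rstrip("\n").split("\t")
        if len(fields) < 7:
            continue
        if fields[4] == host and fields[5] == str(port):
            hits.append((fields[2], fields[0]))
    return hits


# Constructed conn.log excerpt (not from the report): one benign flow, one flow
# to the C2 ip:port, and one to the same IP on a different port (not a hit).
CONSTRUCTED_CONN_LOG = [
    "#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto",
    "1731660001.1\tCa1b2c\t10.0.0.15\t51234\t203.0.113.10\t443\ttcp",
    "1731660009.7\tCd3e4f\t10.0.0.15\t51240\t193.233.20.33\t4125\ttcp",
    "1731660012.2\tCg5h6i\t10.0.0.22\t51301\t193.233.20.33\t80\ttcp",
]

if __name__ == "__main__":
    print(parse_c2(C2))
    print(matching_algorithms(b"not the sample"))
    print(find_c2_connections(CONSTRUCTED_CONN_LOG))
```

To check a real file, read it as bytes and pass it to `matching_algorithms`; anything other than all four algorithms matching (or none) means one of the recorded hashes is wrong and should be re-verified against the sandbox. The port comparison in `find_c2_connections` is deliberate: RedLine C2 on this sample is a specific ip:port, and matching on IP alone would pull in unrelated flows to shared hosting.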

Targets

    • Target

      caa7f169c48e46a2f078ede0f4e3fe3701ce2d6fe1c2890d2da6e903324fbefa

    • Size

      359KB

    • MD5

      f0a44ddf50aecba128f24811bfbf0b86

    • SHA1

      48e3eacdf44315ef0f03935b4b3edfdb7ac1253d

    • SHA256

      caa7f169c48e46a2f078ede0f4e3fe3701ce2d6fe1c2890d2da6e903324fbefa

    • SHA512

      1b3b9147761f2dec5630568789f7969f777f2b644fe43b0cb25d9d06017fe95c3bbb2e1604f66f1477002db32e291f7debfb4b65fa92bfda80a61ee5a936566f

    • SSDEEP

      6144:0nI50iLIkzSCvb63HhnRtUzLaL9v34yaiRSN4Q6dSK:b50ikk7jOHhF543jOd

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks