General

  • Target

    6a05b2eda249e0c6b95fa288c881a098454cf825f5ee73cdd28fa53b86d8c3d2.exe

  • Size

    175KB

  • Sample

    241116-3vt5eawgnc

  • MD5

    6f75c586047935561b33e9decea1ff28

  • SHA1

    cd049676a95b8722bfbd75816bedc9b2340cfc7c

  • SHA256

    6a05b2eda249e0c6b95fa288c881a098454cf825f5ee73cdd28fa53b86d8c3d2

  • SHA512

    d74901a46c5ba133e5cce7e001c166010aba9d9230f0aa7006e89390d7cf0a3550f82733766315b284161069c832bd9f3d693a450c0ed089fa213ffc074a0be0

  • SSDEEP

    3072:4xqZWZRanU2n0/Z62eJ5evJ9ih+PxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOe:mqZg/Z6XJIihD

Malware Config

Extracted

Family

redline

Botnet

from

C2

176.113.115.145:4125

Attributes
  • auth_value

    8633e283485822a4a48f0a41d5397566

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
