General

  • Target

    c3ae1d65d1a04dfb74bddf26175733f2089b55b166819608a365adbb2a58ec2cN.exe

  • Size

    175KB

  • Sample

    241118-tspx8svpcq

  • MD5

    c2fbee9873b1d29d0a3fb24b5fed6750

  • SHA1

    9310871bff5f8e9c19279f2069ccddad51da6b53

  • SHA256

    c3ae1d65d1a04dfb74bddf26175733f2089b55b166819608a365adbb2a58ec2c

  • SHA512

    b1bc1ad2168c74621edf327572f9556419ad5778efc693ab581f14c651d8a701a3b07ac29331192ec4f1e8e9a24be2bc64432803b4f322dd599a6ecef71d6dbb

  • SSDEEP

    3072:4xqZWZRanU2n0/Z62eJ5evJ9ih+PxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOm:mqZg/Z6XJIih

Malware Config

Extracted

Family

redline

Botnet

from

C2

176.113.115.145:4125

Attributes

  • auth_value

    8633e283485822a4a48f0a41d5397566
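The extracted config gives two kinds of indicator a responder can act on straight away: the C2 endpoint (IP and port) and the file hashes of the dropped sample. The script below is an added example, not part of the original report, showing how to turn them into concrete checks. The firewall-style log lines and the file bytes in it are constructed for illustration (the log format is an assumption); the C2 address and digests are the values listed above.

```python
"""Turn the IOCs from the sandbox report above into checks a responder can run.

Added example, not part of the original report. The log lines and the file
bytes below are constructed for illustration; the C2 address and the hashes
are the values the report lists.
"""
import hashlib
import re

# Values taken from the report above.
REPORT_C2 = "176.113.115.145:4125"
REPORT_HASHES = {
    "md5": "c2fbee9873b1d29d0a3fb24b5fed6750",
    "sha1": "9310871bff5f8e9c19279f2069ccddad51da6b53",
    "sha256": "c3ae1d65d1a04dfb74bddf26175733f2089b55b166819608a365adbb2a58ec2c",
}

# Constructed firewall-style log lines (not from the report); the format is assumed.
SAMPLE_LOG = """\
2024-11-18T10:01:02Z ALLOW tcp 10.0.0.21:51234 -> 176.113.115.145:4125
2024-11-18T10:01:05Z ALLOW tcp 10.0.0.21:51235 -> 93.184.216.34:443
2024-11-18T10:02:10Z ALLOW tcp 10.0.0.33:49876 -> 176.113.115.145:4125
2024-11-18T10:02:11Z ALLOW tcp 10.0.0.33:49877 -> 176.113.115.145:80
"""


def parse_c2(c2: str) -> tuple:
    """Split 'ip:port' as written in the report into (ip, port)."""
    host, port = c2.rsplit(":", 1)
    return host, int(port)


def c2_connections(log_text: str, c2: str) -> list:
    """Return log lines whose destination matches the C2 ip:port exactly.

    Matching ip *and* port avoids flagging unrelated traffic to the same host
    (the last sample line, to port 80, is deliberately not matched).
    """
    host, port = parse_c2(c2)
    dest = re.compile(r"->\s*" + re.escape(host) + r":" + str(port) + r"\b")
    return [line for line in log_text.splitlines() if dest.search(line)]


def hash_matches(data: bytes, expected: dict) -> dict:
    """Compute each listed digest of `data` and compare with the report's values."""
    result = {}
    for algo, digest in expected.items():
        result[algo] = hashlib.new(algo, data).hexdigest() == digest.lower()
    return result


def is_report_sample(data: bytes, expected: dict = REPORT_HASHES) -> bool:
    """True only when every listed hash matches (one mismatch means a different file)."""
    return all(hash_matches(data, expected).values())


if __name__ == "__main__":
    for line in c2_connections(SAMPLE_LOG, REPORT_C2):
        print("C2 hit:", line)
    # Constructed bytes, obviously not the sample: every hash must mismatch.
    print("is sample:", is_report_sample(b"MZ\x90\x00 not the real sample"))
```

Matching on the full ip:port pair rather than the bare IP keeps the check tied to what the config actually says; a RedLine C2 host can also serve unrelated traffic, and a port-agnostic rule would generate noise. Checking every listed digest, rather than MD5 alone, guards against a deliberately colliding file being mistaken for the reported sample.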

Targets

    • Target

      c3ae1d65d1a04dfb74bddf26175733f2089b55b166819608a365adbb2a58ec2cN.exe

    • Size

      175KB

    • MD5

      c2fbee9873b1d29d0a3fb24b5fed6750

    • SHA1

      9310871bff5f8e9c19279f2069ccddad51da6b53

    • SHA256

      c3ae1d65d1a04dfb74bddf26175733f2089b55b166819608a365adbb2a58ec2c

    • SHA512

      b1bc1ad2168c74621edf327572f9556419ad5778efc693ab581f14c651d8a701a3b07ac29331192ec4f1e8e9a24be2bc64432803b4f322dd599a6ecef71d6dbb

    • SSDEEP

      3072:4xqZWZRanU2n0/Z62eJ5evJ9ih+PxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOm:mqZg/Z6XJIih

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks