General

  • Target

    ba7517fbc65542871d06e7d4b7a017d5c165f55dda2b741e2ba52a6303d21b57.exe

  • Size

    304KB

  • Sample

    241214-pqjwzstmdk

  • MD5

    aedfb26f18fdd54279e8d1b82b84559a

  • SHA1

    161a427ef200282daf092543b3eda9b8cd689514

  • SHA256

    ba7517fbc65542871d06e7d4b7a017d5c165f55dda2b741e2ba52a6303d21b57

  • SHA512

    30c5836584b3d74e9a0719e0559f2b83900210ee574ae780d793cdc6396bd9b7cb672f401dfa15a58687ad1d769d5ef5c0b0b24de83dec3c8429a259c9a37bb2

  • SSDEEP

    3072:lq6EgY6iwrUjL849wPzsyozn/jBCTAvtA2iZpcZqf7D341eqiOLibBOc:sqY6i/wPEPBCTAFAvpcZqf7DIfL

Malware Config

Extracted

Family

redline

Botnet

30072024

C2

185.215.113.67:40960

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks