General

  • Target

    build.exe

  • Size

    300KB

  • Sample

    250204-zpfhaatlbl

  • MD5

    c759f252a77a2d98e3ef35159ada5eda

  • SHA1

    ca5349a493b7a141da842b72bbc7a9479f51e372

  • SHA256

    324091c032c51d6ca7fdb2f22fd6ee3e20b5296c88cac9d83145b9bd8fde6dc3

  • SHA512

    84391b1fdbdbe40b804c677af779d67b08b82c439e85676fb4633ff9744c341edd1078dcf9588e22a2f171a7bbcfe0df9d7f1671f84212c7678152ad148d8e83

  • SSDEEP

    3072:KcZqf7D34xp/0+mAOkyovcQQgIAB1fA0PuTVAtkxzX3RceqiOL2bBOA:KcZqf7DIjnjXxB1fA0GTV8kVkL

Malware Config

Extracted

Family

redline

Botnet

Microsoft

C2

147.185.221.25:45465
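The file digests above and the extracted C2 are the actionable pieces of this report. Below is an added Python example, not part of the report or of any sandbox tooling, that computes the same digests for local data and compares them to the report's SHA256, parses the extracted `ip:port` C2, flags hosts in a connection log that reached it, and emits a Suricata rule for it. The connection-log lines, their `ts src dst:port` layout and the `sid` value are constructed assumptions; only the hash, C2, family and botnet values are taken from the report.

```python
"""Turn the IOCs from this report into a hash check, a log hunt and a block rule."""
import hashlib
import ipaddress
import sys

# IOCs copied from the report above; everything else in this file is constructed.
IOC_MD5 = "c759f252a77a2d98e3ef35159ada5eda"
IOC_SHA1 = "ca5349a493b7a141da842b72bbc7a9479f51e372"
IOC_SHA256 = "324091c032c51d6ca7fdb2f22fd6ee3e20b5296c88cac9d83145b9bd8fde6dc3"
IOC_C2 = "147.185.221.25:45465"
FAMILY = "redline"
BOTNET = "Microsoft"


def hash_bytes(data: bytes) -> dict:
    """Compute the same digests the report lists so a local file can be compared."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha512": hashlib.sha512(data).hexdigest(),
    }


def matches_report(data: bytes) -> bool:
    """Match on SHA256 only; MD5 and SHA1 are collision-prone and kept for older feeds."""
    return hash_bytes(data)["sha256"] == IOC_SHA256


def parse_c2(c2: str) -> tuple:
    """Split the sandbox's 'ip:port' string and validate both halves."""
    host, _, port_str = c2.rpartition(":")
    ip = ipaddress.ip_address(host)  # raises ValueError on anything that is not an address
    port = int(port_str)
    if not 0 < port < 65536:
        raise ValueError(f"bad port {port}")
    return str(ip), port


# Constructed connection-log lines (assumption, not from the report): "ts src dst:port".
SAMPLE_CONNLOG = """\
2025-02-04T10:01:02Z 10.0.0.5 147.185.221.25:45465
2025-02-04T10:01:05Z 10.0.0.7 93.184.216.34:443
2025-02-04T10:02:10Z 10.0.0.9 147.185.221.25:80
"""


def hosts_talking_to_c2(log: str, c2: str = IOC_C2) -> list:
    """Return source hosts that connected to the exact ip:port pair from the config."""
    ip, port = parse_c2(c2)
    wanted = f"{ip}:{port}"
    hits = []
    for line in log.splitlines():
        _ts, src, dst = line.split()
        if dst == wanted:
            hits.append(src)
    return hits


def suricata_rule(c2: str = IOC_C2, sid: int = 1000001) -> str:
    """Emit an outbound alert rule for the C2; sid is a placeholder (assumption)."""
    ip, port = parse_c2(c2)
    msg = f"{FAMILY} C2 ({BOTNET}) outbound"
    return (f'alert tcp $HOME_NET any -> {ip} {port} (msg:"{msg}"; '
            f'flow:to_server; classtype:trojan-activity; sid:{sid}; rev:1;)')


if __name__ == "__main__":
    # Usage: python check.py <file>  -> prints digests and whether the file is this sample
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as fh:
            blob = fh.read()
        print(hash_bytes(blob))
        print("matches report:", matches_report(blob))
    print("hosts reaching C2:", hosts_talking_to_c2(SAMPLE_CONNLOG))
    print(suricata_rule())
```

The hunt matches the full `ip:port` pair deliberately: the third log line reaches the same address on port 80 and is not flagged. When the C2 sits on shared or tunnelled infrastructure, blocking the bare address can hit unrelated tenants, so decide consciously whether to widen the match to the address alone.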

Targets

    • Target

      build.exe

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15