General

  • Target

    bb878b538021890d36e1858c4d540e3af5e0a6df71c6dbbee532e219c8813a95

  • Size

    446KB

  • Sample

    240319-k613zsgf6z

  • MD5

    55dae31959db3531f0ff079bfa7dde8d

  • SHA1

    15f77b026c06af1b3763d10f9d265ea70f1839c6

  • SHA256

    bb878b538021890d36e1858c4d540e3af5e0a6df71c6dbbee532e219c8813a95

  • SHA512

    b8ac1128fb1453d20252d80472670f258016d697fa073f694006d43b7a795e730173d1eab95bc209612db1e5cd11f82fe00923d0913daa4a2226e20cd1c1689f

  • SSDEEP

    12288:VpsmWy6TDMK0N4QQdqIXDZHFCc/daX0Il:Vyzy+Bq4QDatql

Malware Config

Extracted

Family

redline

Botnet

mango

C2

193.233.20.28:4125

Attributes
  • auth_value

    ecf79d7f5227d998a3501c972d915d23

Targets

    • Target

      bb878b538021890d36e1858c4d540e3af5e0a6df71c6dbbee532e219c8813a95

    • Size

      446KB

    • MD5

      55dae31959db3531f0ff079bfa7dde8d

    • SHA1

      15f77b026c06af1b3763d10f9d265ea70f1839c6

    • SHA256

      bb878b538021890d36e1858c4d540e3af5e0a6df71c6dbbee532e219c8813a95

    • SHA512

      b8ac1128fb1453d20252d80472670f258016d697fa073f694006d43b7a795e730173d1eab95bc209612db1e5cd11f82fe00923d0913daa4a2226e20cd1c1689f

    • SSDEEP

      12288:VpsmWy6TDMK0N4QQdqIXDZHFCc/daX0Il:Vyzy+Bq4QDatql

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

MITRE ATT&CK Matrix

Tasks