General

  • Target

    8a26c83f522dba035c990262d88f52d6ec24743540ac424a6afc7b64fa18c1cd

  • Size

    435KB

  • Sample

    241105-kf28csyekp

  • MD5

    594f46236e73f0acc06c422f44cf23ed

  • SHA1

    9de23331a2b8e9d9d6363247aaa5f47f058353e9

  • SHA256

    8a26c83f522dba035c990262d88f52d6ec24743540ac424a6afc7b64fa18c1cd

  • SHA512

    4bef485bee1339cbe6e9595996108ae8f09cd155b51383626aa08121a6712147dab9fd113243de04e022bd3a0c151e258651da0d480d0b8595ac05443178007f

  • SSDEEP

    12288:+Mrzy90rz7+yhqiE4DKjtRkJQY0AcKBjQI:Nyk2gqnRjtRkJX0/Gr

Malware Config

Extracted

Family

redline

Botnet

rodik

C2

193.233.20.23:4124

Attributes
  • auth_value

    59b6e22e7cfd9b5fa0c99d1942f7c85d

Targets

    • Target

      8a26c83f522dba035c990262d88f52d6ec24743540ac424a6afc7b64fa18c1cd

    • Size

      435KB

    • MD5

      594f46236e73f0acc06c422f44cf23ed

    • SHA1

      9de23331a2b8e9d9d6363247aaa5f47f058353e9

    • SHA256

      8a26c83f522dba035c990262d88f52d6ec24743540ac424a6afc7b64fa18c1cd

    • SHA512

      4bef485bee1339cbe6e9595996108ae8f09cd155b51383626aa08121a6712147dab9fd113243de04e022bd3a0c151e258651da0d480d0b8595ac05443178007f

    • SSDEEP

      12288:+Mrzy90rz7+yhqiE4DKjtRkJQY0AcKBjQI:Nyk2gqnRjtRkJX0/Gr

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

    • Executes dropped EXE

    • Adds Run key to start application
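Turning the report's extracted config and behavioural signatures into something a SOC can run: the example below is added here and is not part of the sandbox report or of RedLine itself. It takes the C2 endpoint and SHA256 from the report above, then runs three checks over Sysmon-style telemetry (Event ID 1 process create, 3 network connect, 13 registry value set): a connection to the extracted C2, execution of the known sample or of an EXE from a user-writable path ("Executes dropped EXE"), and a write under a Run/RunOnce key ("Adds Run key to start application"). The event lines are constructed for illustration and the flat `Key=Value` line format is an assumption (real Sysmon data arrives as XML or JSON with the same field names); nothing here is real telemetry.

```python
"""Match this report's indicators against Sysmon-style events.

Added example, not part of the sandbox report and not RedLine's own code.
C2 endpoint and hashes are taken from the report; the events are constructed.
"""
import re

# Indicators copied from the report above.
C2_ENDPOINT = ("193.233.20.23", 4124)
SAMPLE_SHA256 = "8a26c83f522dba035c990262d88f52d6ec24743540ac424a6afc7b64fa18c1cd"

# Autostart keys the "Adds Run key" signature refers to (HKCU/HKLM Run and RunOnce).
RUN_KEY_RE = re.compile(
    r"\\(?:Software\\)?Microsoft\\Windows\\CurrentVersion\\Run(?:Once)?\\",
    re.IGNORECASE,
)
# User-writable locations a dropped EXE is typically staged in and run from.
USER_WRITABLE_RE = re.compile(
    r"\\(?:AppData\\(?:Local|Roaming)|Users\\[^\\]+\\AppData|Temp|ProgramData)\\",
    re.IGNORECASE,
)

# Constructed events in a simplified "Key=Value" layout (assumption); field
# names follow Sysmon. 198.51.100.7 is a documentation address, not a real host.
SAMPLE_EVENTS = [
    r"EventID=1 Image=C:\Users\bob\AppData\Local\Temp\setup.exe Hashes=SHA256=8A26C83F522DBA035C990262D88F52D6EC24743540AC424A6AFC7B64FA18C1CD ParentImage=C:\Windows\explorer.exe",
    r"EventID=3 Image=C:\Users\bob\AppData\Local\Temp\setup.exe DestinationIp=193.233.20.23 DestinationPort=4124 Protocol=tcp",
    r"EventID=13 Image=C:\Users\bob\AppData\Local\Temp\setup.exe TargetObject=HKU\S-1-5-21-1\Software\Microsoft\Windows\CurrentVersion\Run\updater Details=C:\Users\bob\AppData\Roaming\updater.exe",
    r"EventID=3 Image=C:\Program Files\Mozilla Firefox\firefox.exe DestinationIp=198.51.100.7 DestinationPort=443 Protocol=tcp",
    r"EventID=13 Image=C:\Windows\System32\svchost.exe TargetObject=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SecurityHealth Details=C:\Windows\System32\SecurityHealthSystray.exe",
]


def parse_event(line):
    """Split a 'Key=Value Key=Value' line into a dict.

    Values may contain spaces and '=' (e.g. Hashes=SHA256=...), so a value
    runs until the next ' Word=' token or end of line.
    """
    return dict(re.findall(r"(\w+)=(.*?)(?=\s+\w+=|$)", line))


def sha256_from_hashes(field):
    """Pull the SHA256 out of a Sysmon Hashes field, normalised to lowercase."""
    m = re.search(r"SHA256=([0-9a-f]{64})", field, re.IGNORECASE)
    return m.group(1).lower() if m else None


def triage_event(ev):
    """Return (rule, detail) hits for one parsed event."""
    hits = []
    eid = ev.get("EventID")
    image = ev.get("Image", "")
    if eid == "1":
        if sha256_from_hashes(ev.get("Hashes", "")) == SAMPLE_SHA256:
            hits.append(("known_sample_executed", image))
        if USER_WRITABLE_RE.search(image):
            hits.append(("exe_from_user_writable_path", image))
    elif eid == "3":
        dst = (ev.get("DestinationIp"), int(ev.get("DestinationPort", 0)))
        if dst == C2_ENDPOINT:
            hits.append(("redline_c2_connection", f"{image} -> {dst[0]}:{dst[1]}"))
    elif eid == "13":
        target = ev.get("TargetObject", "")
        details = ev.get("Details", "")
        if RUN_KEY_RE.search(target):
            # Every Run-key write is worth recording; one whose value or writer
            # lives in a user-writable path is the pattern the signature describes.
            rule = "run_key_persistence"
            if USER_WRITABLE_RE.search(details) or USER_WRITABLE_RE.search(image):
                rule = "run_key_persistence_from_user_writable_path"
            hits.append((rule, f"{target} = {details}"))
    return hits


def triage(lines):
    """Run every check over a sequence of event lines; returns a list of findings."""
    findings = []
    for line in lines:
        for rule, detail in triage_event(parse_event(line)):
            findings.append({"rule": rule, "detail": detail})
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_EVENTS):
        print(f"[{f['rule']}] {f['detail']}")
```

The C2 match is exact on IP and port because that is all the report gives; a sandbox-extracted RedLine config can rotate, so treat the endpoint as a short-lived IOC and keep the path-based and Run-key checks, which do not depend on it. The benign `svchost.exe` write to `HKLM\...\Run` is still reported, at the lower-severity rule, so the analyst sees the baseline rather than only the hit.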

MITRE ATT&CK Enterprise v15

Tasks