General

  • Target

    e24dfd17970514ae0930b52e415d2349aa975ede6bc75183232af2d56d349ea5

  • Size

    337KB

  • Sample

    241105-nrdwpa1drp

  • MD5

    3c71e104a47029a139aad600bcb8701b

  • SHA1

    3e432688f569044f1943949fb701e1d8bf256abb

  • SHA256

    e24dfd17970514ae0930b52e415d2349aa975ede6bc75183232af2d56d349ea5

  • SHA512

    2b78972ed7834814a1a78c0d2c6664218fc8bfea207f2b7eaa3388dcefc4d4bcb80bd1130c24133bc9e0cb37525ca1123719428493e3d874e7677a515da8f9a4

  • SSDEEP

    6144:nbDQmioYCCAYp5fRZOVANlZ1iJ5ZccG7uMR9NX23BoIgPEDZCO4lw1JedPlC:nbDQ7LpDcVAN1lDm3BoIgPEDZCO4lw1H

Malware Config

Extracted

Family

redline

Botnet

24.01

C2

37.220.86.164:29170

Attributes
  • auth_value

    1c7f0aa21138601b5201a3a4a0123991

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Redline family
