General

  • Target

    83b0052ad61132027f42689e795b1933b1bb1fb80863b528f874613d26564a0d

  • Size

    440KB

  • Sample

    241106-25njyayqds

  • MD5

    e1ac17e05ba29c470aec581d66ad9867

  • SHA1

    05a87f82d13683e2e362469d9a99ea5a4dcf3d4b

  • SHA256

    83b0052ad61132027f42689e795b1933b1bb1fb80863b528f874613d26564a0d

  • SHA512

    6860472b331fa15a013d72da6f75599bae0b9c6bfdd73493c187de5da7f013e45d9395f5cd50355198526c20c57217294341bc093bbf4e64847fc708cdf3749d

  • SSDEEP

    12288:vMrVy90Cp7cO1Wt4uTY7mhTAFlj+jMSAF:qyncO+4IcF+jHu

Malware Config

Extracted

Family

redline

Botnet

rodik

C2

193.233.20.23:4124

Attributes

  • auth_value

    59b6e22e7cfd9b5fa0c99d1942f7c85d

Targets

    • Target

      83b0052ad61132027f42689e795b1933b1bb1fb80863b528f874613d26564a0d

    • Size

      440KB

    • MD5

      e1ac17e05ba29c470aec581d66ad9867

    • SHA1

      05a87f82d13683e2e362469d9a99ea5a4dcf3d4b

    • SHA256

      83b0052ad61132027f42689e795b1933b1bb1fb80863b528f874613d26564a0d

    • SHA512

      6860472b331fa15a013d72da6f75599bae0b9c6bfdd73493c187de5da7f013e45d9395f5cd50355198526c20c57217294341bc093bbf4e64847fc708cdf3749d

    • SSDEEP

      12288:vMrVy90Cp7cO1Wt4uTY7mhTAFlj+jMSAF:qyncO+4IcF+jHu

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

    • Executes dropped EXE

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks