General

  • Target

    f68486fb1f457fc7ab80deb9d173da46a151b8193a553653357bfaaeff0a021b

  • Size

    433KB

  • Sample

    241106-qmy26s1brg

  • MD5

    4041629edea148ed1a502cfb0fda5490

  • SHA1

    7a54cdf4b4ef6bd3e52ab5df1960bcf746581c98

  • SHA256

    f68486fb1f457fc7ab80deb9d173da46a151b8193a553653357bfaaeff0a021b

  • SHA512

    0152090950f703fc9f542055d5fcf59ea80bb4b432491728f337d36ce17461b88eb84a2f0acf10be81b396f0ebb61e877c2dc85696601e4d078806a30dd71d6e

  • SSDEEP

    12288:WMrUy90xNZvRpO8WaDBuax5dU4HRXdW2Zh6:SySf9tVuaRU4HTW2a

Malware Config

Extracted

Family

redline

Botnet

rodik

C2

193.233.20.23:4124

Attributes
  • auth_value

    59b6e22e7cfd9b5fa0c99d1942f7c85d

Targets

    • Target

      f68486fb1f457fc7ab80deb9d173da46a151b8193a553653357bfaaeff0a021b

    • Size

      433KB

    • MD5

      4041629edea148ed1a502cfb0fda5490

    • SHA1

      7a54cdf4b4ef6bd3e52ab5df1960bcf746581c98

    • SHA256

      f68486fb1f457fc7ab80deb9d173da46a151b8193a553653357bfaaeff0a021b

    • SHA512

      0152090950f703fc9f542055d5fcf59ea80bb4b432491728f337d36ce17461b88eb84a2f0acf10be81b396f0ebb61e877c2dc85696601e4d078806a30dd71d6e

    • SSDEEP

      12288:WMrUy90xNZvRpO8WaDBuax5dU4HRXdW2Zh6:SySf9tVuaRU4HTW2a

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

    • Executes dropped EXE

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks