General

  • Target: 9adbce444e030330fc346475b9c59e7b6408a147c62763ef1ee65124126df245
  • Size: 435KB
  • Sample: 241107-hvslcsxkct
  • MD5: 9bdcc72c318900e5bd999c9475dc55e9
  • SHA1: f4cf5e2d9607d1451dceeda92a1cb36a8101b4c2
  • SHA256: 9adbce444e030330fc346475b9c59e7b6408a147c62763ef1ee65124126df245
  • SHA512: c97b3bfc4d73aaec88f43c7f818874cfea895f63b371cccc949843a49ed82b44df11c2ee833bd70658346fa9ce1a9ae29ed6eaa7970bc40a436ac60ecd11ade9
  • SSDEEP: 12288:RMr2y90fz7+yhqiE4DKjtRkJQY0jX03y3/lP:ryQ2gqnRjtRkJX0Y3yPlP

Malware Config

Extracted

  • Family: redline
  • Botnet: rodik
  • C2: 193.233.20.23:4124
  • Attributes
    • auth_value: 59b6e22e7cfd9b5fa0c99d1942f7c85d

Targets

    • RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
    • RedLine payload
    • Redline family
    • Executes dropped EXE
    • Adds Run key to start application

MITRE ATT&CK Enterprise v15