General

  • Target

    c87698a9dd3c456cb3846fe9781e7024bbb9b1009bd92763597237c0b64f3c32

  • Size

    272KB

  • Sample

    241107-q8alpstcrn

  • MD5

    7ec5fd3b68cf240116622171e099525e

  • SHA1

    80d48d26969af32ebb129a7bf94286eed64b4011

  • SHA256

    c87698a9dd3c456cb3846fe9781e7024bbb9b1009bd92763597237c0b64f3c32

  • SHA512

    a2b27f80020578e6add3201997ff51f142ab4c67585353ec98fb3c59f0b81823b4c4a870f5818c55310d5be7143102109bfc3d70a11da8dc79093f653b434842

  • SSDEEP

    3072:A6joELz6lmfCJRNa0UcAO0kk+aVpvLV9Kno40NQnLhFNnTrOafMfxNn2pU9f2MK+:A6jsJaDcATkk+anvLVozLhHnR

Malware Config

Extracted

Family

redline

Botnet

rodik

C2

193.233.20.23:4124

Attributes
  • auth_value

    59b6e22e7cfd9b5fa0c99d1942f7c85d

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
