General

  • Target

    24efdd2e4cfdeda9d9d14de80ad255566c3eca10c074fe22cb286e0202b20715

  • Size

    732KB

  • Sample

    241108-2d1ees1fjm

  • MD5

    95e0beda7052bbfaa36b9f26c24e68d1

  • SHA1

    9a9f14fbd97c13855aea9f97fa528c5bb2030e72

  • SHA256

    24efdd2e4cfdeda9d9d14de80ad255566c3eca10c074fe22cb286e0202b20715

  • SHA512

    ec2409b4caa29ea26968efdc16c4a110a7e521f5b0315311381ccf157eeccd9f3d8bccaf1d78c431a0ffeae4c183c4300bee8dfcf5f8fb5167dcdefdb5a4ef6c

  • SSDEEP

    12288:QMrdy90YnFMGhfi+SCFy1EXJXw3tZLkZcMRTDzn9dvf/IVn9O55NyxBxKKW:dyXMQfrA1WJg3tZLkCITDznj3AVn9xK

Malware Config

Extracted

  • Family

    redline

  • Botnet

    dars

  • C2

    83.97.73.127:19045

  • Attributes

    auth_value: 7cd208e6b6c927262304d5d4d88647fd

Targets

    • Target

      24efdd2e4cfdeda9d9d14de80ad255566c3eca10c074fe22cb286e0202b20715

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

    • Executes dropped EXE

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks