General

  • Target

    04ae98f0310093b02ece802f364ddb6d3e601a313328b288095dc97d6a7ccf00

  • Size

    751KB

  • Sample

    241108-ywp5maxqhw

  • MD5

    0607b5af6daf88385ae57e19c6832801

  • SHA1

    ebbe1e610ec442b6f9d73efb0efc915659228150

  • SHA256

    04ae98f0310093b02ece802f364ddb6d3e601a313328b288095dc97d6a7ccf00

  • SHA512

    37ffe8b4cc00d46a098108da0918956d6bf3192e88838ff67387d5fc82aca6c6102ab7719001dda941afe7aac861fcea8c53418ff2d9d53fdfba79a6a8c13eda

  • SSDEEP

    12288:8Mrjy90nh3uZAPlghjtQ9o9fM/tpicLSn57/PCcpGBBqePbuuU6LM:HyghXKrWo9fMOdtEBqePHLM

Malware Config

Extracted

Family

redline

Botnet

dars

C2

83.97.73.127:19045

Attributes

  • auth_value

    7cd208e6b6c927262304d5d4d88647fd

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

    • Executes dropped EXE

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks