General

  • Target: 523a45e4d652edd831f9b6732ac3fe9710b807a671b441e4994e4d3bf2239d38
  • Size: 399KB
  • Sample: 241109-162mhswndp
  • MD5: 3a641b307041cdf243b29fc1c280b125
  • SHA1: 63aef626bde4bbeb17f1a243bea115c8484a6d62
  • SHA256: 523a45e4d652edd831f9b6732ac3fe9710b807a671b441e4994e4d3bf2239d38
  • SHA512: 49e239ad18dbed0d22ed46e5c08632f920392317916ee6d3b9a5ad9730d17339957af68096652cada1ea7982d40e6e288b6b12e3df4cedf12418fa8a049d47d9
  • SSDEEP: 6144:PArLmWQ7AkMULfY2Q6D31yJSASHdA5S1:PGyWQ7LdLfok8SASHKQ

Malware Config

Extracted

  • Family: redline
  • Botnet: mango
  • C2: 193.233.20.28:4125
  • Attributes
    • auth_value: ecf79d7f5227d998a3501c972d915d23

Targets

    • RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
    • RedLine payload
    • Redline family

MITRE ATT&CK Enterprise v15

Tasks