General

  • Target: 6f5fe2a8785d236ff161521a3758658be6dbc9da9808e11233b4e9209ce60985
  • Size: 241KB
  • Sample: 241109-164rwatdlf
  • MD5: 574cd5829756306a50ab1798c76127ef
  • SHA1: d5cc621f0e81f15e3b2907c539d1789ef04c4546
  • SHA256: 6f5fe2a8785d236ff161521a3758658be6dbc9da9808e11233b4e9209ce60985
  • SHA512: 5f80a46e1e7923956a2b088067f36756a938a5784cce9c2afe8e31b6af22a3cfd462bc760e3cf9a643e48a1932808d9d288dcca77057910af6150da76b36c115
  • SSDEEP: 6144:B7FLBInmeyZvG1mrZuNOS5PJGMGhQ+BxMPax3:JBsByZvG8k/GhQ1PE

Malware Config

Extracted

  • Family: redline
  • Botnet: 271@2023
  • C2: 77.73.133.62:22344
  • Attributes
      • auth_value: 1ee05d97bb1f23e9ac01ec6d1a5f1ffb

Targets

    • Target: feb87f71e1a8522ec1c77710ab9d6d70b3a5f4713911c4c870d0d9699e444421.exe
    • Size: 388KB
    • MD5: fdb1079f281cfde3d9984167331a6919
    • SHA1: d29500d4d712dd5e28e13086ea82ccdf697aa75a
    • SHA256: feb87f71e1a8522ec1c77710ab9d6d70b3a5f4713911c4c870d0d9699e444421
    • SHA512: dd40452d7e0a02274d22ff05855ddd989cc37c5d2829010f8221ff2064f8aba759ccc37689236e18dd59807b95bc535922ab742520bffef6f3f9ce956150a3bf
    • SSDEEP: 6144:oR1LHvkRMOB2222pAikkVELsTAVJTfvP8LWTSN6ApVS8vA:oR1LMRMOB2xIzV6s0f3PyWTe6ApVHA

    Signatures

    • RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
    • RedLine payload
    • Redline family

MITRE ATT&CK Enterprise v15

Tasks