General

  • Target

    772fd77eda5dc8a43af29a952a300f306fe93e534daf6e6bb88fe032334b7c88

  • Size

    373KB

  • Sample

    241109-16cndssnd1

  • MD5

    579f14691451a6ecb4c90ca98e3730a9

  • SHA1

    d1464ce39f2f3735728a4892cbd567092e56549b

  • SHA256

    772fd77eda5dc8a43af29a952a300f306fe93e534daf6e6bb88fe032334b7c88

  • SHA512

    646c89367fbddd915df9aa9ca0d20408211f193b4f180a07973e2292f76ade9ab7bc09b6833b01c27332f1d8377d4a36d08c750c0c301db5762090514e913154

  • SSDEEP

    6144:sQbYaHTyC3lD/ZQYHLcoO8xtTUXiNzUZBQKW:BbYaH2+NLU8xhciBc

Malware Config

Extracted

Family

redline

Botnet

ww

C2

193.106.191.67:44400

Attributes
  • auth_value

    5a1b28ccd05953f5c3f99729c12427cc

Targets

    • Target

      772fd77eda5dc8a43af29a952a300f306fe93e534daf6e6bb88fe032334b7c88

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
