General

  • Target

    39ffc289c7646a61870a03cf806a5d64

  • Size

    372KB

  • Sample

    241109-1bx1vasfmg

  • MD5

    39ffc289c7646a61870a03cf806a5d64

  • SHA1

    cebfb48a60dbb62cc854caf709d9ef8fb73fc9e7

  • SHA256

    cc776250e9cb46b564b731ef62128437b6bab9264de8621ac9a796be86424e91

  • SHA512

    4149bb4331280564530ed470951f540f102dc58b06be6af50287de70746ca54ed1435212a03b3de020d6e4c62b94249a819fde50d5678e4d90c09165666fa155

  • SSDEEP

    3072:IEDcK6kemaIj8h8qXa5FZwC19bFYo5ijh93MoZPrE3gnbOyJwWof975Z342B:XcKraIy8qqLZ3LYsv0Ww56fxD

Malware Config

Extracted

  • Family

    redline

  • Botnet

    ww

  • C2

    193.106.191.67:44400

  • Attributes

    auth_value: 5a1b28ccd05953f5c3f99729c12427cc

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks