General

  • Target

    637302d8f6d2ce3d3e1b731fb66b48924e91a132

  • Size

    373KB

  • Sample

    241109-1ca8ga1rdz

  • MD5

    3e55819605bfb47643c2a4e791bb31bf

  • SHA1

    637302d8f6d2ce3d3e1b731fb66b48924e91a132

  • SHA256

    eb0ba20e9ff39997a5d72c61469d0b6241b1ad10d033860b72775c40b710aa1b

  • SHA512

    71d0f375e487ee9171117b146f194b285ec5c245a82e9c6c65a5a3fac489fe283c58c27736c2fed5407d501afb95da2b91bd58f3879d1fe8c56a9105fec4b72c

  • SSDEEP

    6144:VZEgRGqBrwpAp+Bf9Iz38aYrIhvL29sSTRdKdH3q:VZEgRfLtzsL+vS9sn

Malware Config

Extracted

  • Family

    redline

  • Botnet

    ww

  • C2

    193.106.191.67:44400

  • Attributes

    auth_value: 5a1b28ccd05953f5c3f99729c12427cc

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks