General

  • Target

    5229f59e27f3c501ac377dd2c99264fcd7a5299e22794142f384cb373399de4b

  • Size

    476KB

  • Sample

    241109-1gpawssgrr

  • MD5

    6ddcaf2674af061e562d8bc25c6d0608

  • SHA1

    bb013d5d941fdb9c42fde4f06c34d4e0d6f6f07f

  • SHA256

    5229f59e27f3c501ac377dd2c99264fcd7a5299e22794142f384cb373399de4b

  • SHA512

    6f88616c52a5971c29f55e366a6f4f1556b2357b9f989352604b897ec174db8f4233d65d4def39f69aea20e8d653948b9a98ad795541f62c90bc001d391764ed

  • SSDEEP

    12288:747Z1yXoa4EVm+BkxhwdCMECuNsvUhc+MwUJR4:9oa4EVn2pNrAyMpJ

Malware Config

Extracted

  • Family

    redline

  • Botnet

    ww

  • C2

    193.106.191.67:44400

  • Attributes

    auth_value: 5a1b28ccd05953f5c3f99729c12427cc

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
