General

  • Target

    6320a81b56cdf9895ab1b817f8ee5bd5

  • Size

    407KB

  • Sample

    241109-1k4jzssjhz

  • MD5

    6320a81b56cdf9895ab1b817f8ee5bd5

  • SHA1

    92d56fb9911f0bffea469e6bcb773a6bd0a587f7

  • SHA256

    36412d3eee50d6e24c0b4e3927c2a948ca7b2660ff1fff1391348a29acf45053

  • SHA512

    3fed6448df6167d30149fded881e5a2a05dd7c5f9f8d7407ed0ba52989fc816ec06b2483f5b75288876ed11e9011f730a77d01b9c061329866013bb5ad66ee5d

  • SSDEEP

    12288:MvN/0O4n+iLxnFs0NMOQ/Au1ngdRx3lq3q:A4n+i1yXO2lgTx3l

Malware Config

Extracted

Family

redline

Botnet

ww

C2

193.106.191.67:44400

Attributes
  • auth_value

    5a1b28ccd05953f5c3f99729c12427cc

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
