General

  • Target

    e94077843a75fd6612c60784dbf7a94beffb26bd5d40b7cc46cb8617ef1bf759

  • Size

    374KB

  • Sample

    241109-1rn3watbjm

  • MD5

    65b50d65cb6554b9bb439f36ee9a9def

  • SHA1

    59b509161fa14c8408f050afe1e8e7b07bbc4cdd

  • SHA256

    e94077843a75fd6612c60784dbf7a94beffb26bd5d40b7cc46cb8617ef1bf759

  • SHA512

    daf2a66386061b9e285d3b4bc5bdc44e1f3db4f63148895fcbd5a46711bb20fa6224848a483fe4e3686c4687fc4e7d24388dc776f1e5e63422bbce16dd3e2e05

  • SSDEEP

    6144:CEgDAKVzpql0/6qVOpOQAP454pI+2cDe1h3Ti:CEgDAKtpc0//aOFx2/

Malware Config

Extracted

  • Family

    redline

  • Botnet

    ww

  • C2

    193.106.191.67:44400

Attributes
  • auth_value

    5a1b28ccd05953f5c3f99729c12427cc

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
