General

  • Target

    78c87d864aaca3265befbb180122d824fcfcee4518edccee3e3407159f509d32

  • Size

    480KB

  • Sample

    241109-1w5anaslhx

  • MD5

    ba76c8b347bed31c76f20bbbed991a32

  • SHA1

    4222b152709037fe1efbfe3318b7e9e2c135c76f

  • SHA256

    78c87d864aaca3265befbb180122d824fcfcee4518edccee3e3407159f509d32

  • SHA512

    c01dc8218ecb37c4383a25cf026616ed2d36320d022c8cc8d4611f6694d186a2f76c6298ff311c024ab84ea49f8171802f72a669873dfaba4b4beb2a6107e433

  • SSDEEP

    12288:sMrcy90uyr0pC+3dV6Y3C5QGa6DMUT6xKQY:Ayt4+3doY/Gt2Q

Malware Config

Extracted

Family

redline

Botnet

fuka

C2

193.233.20.11:4131

Attributes
  • auth_value

    90eef520554ef188793d77ecc34217bf

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

    • Executes dropped EXE

    • Adds Run key to start application
