General

  • Target

    2bbaba3aa43e27c950ded6365ee55463c6e6ca460b953deb8d7cfdab21058b38

  • Size

    392KB

  • Sample

    241109-2av1jatekq

  • MD5

    cc21026deed4d4dabb2f9ce28bc21e50

  • SHA1

    f8e6552d33e2e990f77469bc33edc883f472bb02

  • SHA256

    2bbaba3aa43e27c950ded6365ee55463c6e6ca460b953deb8d7cfdab21058b38

  • SHA512

    c9dabd30ad43517d9d32b12b2e5413a0d394aa108e668092eb686b86ac4e883e9147f1e62165bacde5fabc157da0b06ab0e4261bed4ae3509f9a857979fcc20f

  • SSDEEP

    6144:m3HILlyuqeuzqy8CuljfvyedXNc9s/xS85PVQZm3H3AmGh:m3HI8ujOqy8nZdNbS8T0zmGh

Malware Config

Extracted

Family

redline

Botnet

doz

C2

193.106.191.21:47242

Attributes

  • auth_value

    0c1f6245fdf34473eba636d447c5c2a3

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks