General

  • Target

    e746f32631a77faf3b426c75507de6c7

  • Size

    374KB

  • Sample

    241109-2cl6eatelf

  • MD5

    e746f32631a77faf3b426c75507de6c7

  • SHA1

    3c7f406811bf903d0308869a93e25a62e52dabfe

  • SHA256

    42c36ed152a4681044783fdfaad99943db4bdf4f29dfd72f34113438e427a0c2

  • SHA512

    e97d930badc4762a8e65027d8c151d490f63d7d2cf4d4cde69a9f9e878b39483b2aca04eddad2dc6db1614d682edc70adc2c7288244001916e2e2ec2f24e04d5

  • SSDEEP

    6144:I2XA0bFYu81RG+w1qcAcSY+XCbvzBxPAc4FTyi2miSKAw:IubFY1SqcNdFpmQ

Malware Config

Extracted

Family

redline

Botnet

ww

C2

193.106.191.67:44400

Attributes
  • auth_value

    5a1b28ccd05953f5c3f99729c12427cc

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
