General

  • Target

    cb5b5176f57bcba0c328d4b4b8d349717060fd95cd74f51623df9b3c4ec561cf

  • Size

    469KB

  • Sample

    241109-jn9fza1arq

  • MD5

    96689513b4db0b20f83ee9fa877ef56c

  • SHA1

    b2ee4aaa9a184e27171e6316d98e4b0ed8a6c538

  • SHA256

    cb5b5176f57bcba0c328d4b4b8d349717060fd95cd74f51623df9b3c4ec561cf

  • SHA512

    aa5c9d15432b58f049c232aab93b85aaa7c5c281d799ddcc8a51c6cc2e9327ab024e718bf36421fadf09fe31836608499077f3979fff729b0e666d06c9dd1899

  • SSDEEP

    6144:KPy+bnr+kp0yN90QEHDnHpDs6Ai9fu2Av8ihwwJq8HXvRfxWs/TNvsezWoZAjdu:5Mroy90BnRs67fUI3cXvR7NvKpu

Malware Config

Extracted

  • Family

    redline

  • Botnet

    fukia

  • C2

    193.233.20.13:4136

  • Attributes

    auth_value: e5783636fbd9e4f0cf9a017bce02e67e

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

    • Executes dropped EXE

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks
