General

  • Target

    c0979b769e988d86188e2a820b6856cec5611b1c4bd2fa0d976c8305cfe8184c

  • Size

    372KB

  • Sample

    241109-m42mvatbkf

  • MD5

    e6ded1258383cf398ac76eeae7aa2d91

  • SHA1

    8012536d2d446d3389088b0e3338c8d4ff7ca461

  • SHA256

    c0979b769e988d86188e2a820b6856cec5611b1c4bd2fa0d976c8305cfe8184c

  • SHA512

    ee61b15a299031943472534955c376140ee2fa28bd4fc65aa3fd64caa47b4c3fb469bc39bcecef62cdcde79c999d4e98b1dd57d0629b88557e297f3796318ad0

  • SSDEEP

    6144:iEgWNCOsa1ipGgSkONMRmd3Ij+4MNnWRJTZFy2Z16:iEgWNCZ8gSrUkY2WnZY

Malware Config

Extracted

  • Family

    redline

  • Botnet

    ww

  • C2

    193.106.191.67:44400

  • Attributes

      • auth_value

        5a1b28ccd05953f5c3f99729c12427cc

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
