General

  • Target

    5aba35cf34858e20d1df7500a94da550

  • Size

    449KB

  • Sample

    241109-m6t1saslht

  • MD5

    5aba35cf34858e20d1df7500a94da550

  • SHA1

    1c8cb9c5c5b6d4a7f640025ba04f655783ab9cde

  • SHA256

    5c50e3f9708bea49825615130cd2f2534f1c8bc709f0bf6df83ed8b419c0df5e

  • SHA512

    24c9b8682fe86640cfbf90a227f8b8051016fb9a3e961d8ba9166d2c9d1d0201b7fde849ae5f13cfca3bdb7d0e7d6f2b1b329509dd4e26b748daf5c5169d13e0

  • SSDEEP

    12288:93gN5CAoWLUcJzYzwW0T9M6K9onLx0WcBM:HAoWoOW0hM6TnLxMM

Malware Config

Extracted

Family

redline

Botnet

ww

C2

193.106.191.67:44400

Attributes
  • auth_value

    5a1b28ccd05953f5c3f99729c12427cc

Targets

    • Target

      5aba35cf34858e20d1df7500a94da550

    • Size

      449KB

    • MD5

      5aba35cf34858e20d1df7500a94da550

    • SHA1

      1c8cb9c5c5b6d4a7f640025ba04f655783ab9cde

    • SHA256

      5c50e3f9708bea49825615130cd2f2534f1c8bc709f0bf6df83ed8b419c0df5e

    • SHA512

      24c9b8682fe86640cfbf90a227f8b8051016fb9a3e961d8ba9166d2c9d1d0201b7fde849ae5f13cfca3bdb7d0e7d6f2b1b329509dd4e26b748daf5c5169d13e0

    • SSDEEP

      12288:93gN5CAoWLUcJzYzwW0T9M6K9onLx0WcBM:HAoWoOW0hM6TnLxMM

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks