General

  • Target: 928895c6dd5b8988a964a330c8698a46
  • Size: 415KB
  • Sample: 241109-m9nm6ssmds
  • MD5: 928895c6dd5b8988a964a330c8698a46
  • SHA1: 729e639e5298a23b2779b4f4209d4bc90ec4d974
  • SHA256: b0a1a90c99490fbee2f9d526956cee3f2ce17c87c833032acb371165f760cddb
  • SHA512: 706272c5689cb5f10d16f68c09f945a68ef750b50157c6013bed8e547db35978725f9e9bbaf31e77b88bb26e5cb5c773dc3433104b4de31c1d6dc1e1bcaf5402
  • SSDEEP: 6144:DnuJRigTmno+NhzIG5SPrVFCg1ASe0gbMnjHwVtLTDi34JQ4kokiV:DuyQmoihzIG5S3CQASwMDupP

Malware Config

Extracted

  • Family: redline
  • Botnet: ww
  • C2: 193.106.191.67:44400
  • Attributes
    • auth_value: 5a1b28ccd05953f5c3f99729c12427cc

Targets

    • RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
    • RedLine payload
    • Redline family

MITRE ATT&CK Enterprise v15

Tasks