General

  • Target

    9a4749a239e5123e9694c0aa9215c1a6d2aa74ec

  • Size

    416KB

  • Sample

    241109-mapq7asfje

  • MD5

    9e013481364f1fc3dc93781b4998413d

  • SHA1

    9a4749a239e5123e9694c0aa9215c1a6d2aa74ec

  • SHA256

    10b3bb44c1490981c1958c30cf49f5b813e1085c7758f669f4c1bae2d895292a

  • SHA512

    820db724b6be795298164d16c544ff0c294fda5eab26d053059b5465f56019202ccadaac6678bef645758d4974aeb20cb3d7fd90042c8e8884e6c06502ab021e

  • SSDEEP

    6144:Fn7vye1hX9DYGBjgQhR7cG+sgkokddTZ1aHbP1/k4Wy/adMgDRy+DoK:F7hTXFPBjgQhUsNPdv1KVPR/anNf

Malware Config

Extracted

Family

redline

Botnet

ww

C2

193.106.191.67:44400

Attributes
  • auth_value

    5a1b28ccd05953f5c3f99729c12427cc

Targets

    • Target

      9a4749a239e5123e9694c0aa9215c1a6d2aa74ec

    • Size

      416KB

    • MD5

      9e013481364f1fc3dc93781b4998413d

    • SHA1

      9a4749a239e5123e9694c0aa9215c1a6d2aa74ec

    • SHA256

      10b3bb44c1490981c1958c30cf49f5b813e1085c7758f669f4c1bae2d895292a

    • SHA512

      820db724b6be795298164d16c544ff0c294fda5eab26d053059b5465f56019202ccadaac6678bef645758d4974aeb20cb3d7fd90042c8e8884e6c06502ab021e

    • SSDEEP

      6144:Fn7vye1hX9DYGBjgQhR7cG+sgkokddTZ1aHbP1/k4Wy/adMgDRy+DoK:F7hTXFPBjgQhUsNPdv1KVPR/anNf

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks