General

  • Target

    9f5678a34d69cf3d5ce7caf455df17aaef1206eff0dd4ed03c613597fa42ad31

  • Size

    337KB

  • Sample

    241109-mgdmhavrbl

  • MD5

    b41f555dcdfad5f10e3de9e9f8269c1b

  • SHA1

    ec396306002f5d01413cc928e8311b40a4f4fe93

  • SHA256

    9f5678a34d69cf3d5ce7caf455df17aaef1206eff0dd4ed03c613597fa42ad31

  • SHA512

    aa08975e5411cf8fcc91428545dd5fee87bf8d4f8c47d6a1dc451d7cb0bfedbcb35e8231ed9dab151f10cb8a88e7cf112f54a561fb5f2e6a8511e150edd64464

  • SSDEEP

    6144:vZ1fxU+7jHJPyu/j9NfDgLa9aUBWqfHSbVmRWbfQoMGT4tKKtL:vZ1fSqPyOg+93BWqfyhmRsCGT4tjtL

Malware Config

Extracted

Family

redline

Botnet

UNIKALNO

C2

193.233.48.58:43014

Attributes
  • auth_value

    1d7803729b21e164718a33f5666a4f7b

Targets

    • Target

      9f5678a34d69cf3d5ce7caf455df17aaef1206eff0dd4ed03c613597fa42ad31

    • Size

      337KB

    • MD5

      b41f555dcdfad5f10e3de9e9f8269c1b

    • SHA1

      ec396306002f5d01413cc928e8311b40a4f4fe93

    • SHA256

      9f5678a34d69cf3d5ce7caf455df17aaef1206eff0dd4ed03c613597fa42ad31

    • SHA512

      aa08975e5411cf8fcc91428545dd5fee87bf8d4f8c47d6a1dc451d7cb0bfedbcb35e8231ed9dab151f10cb8a88e7cf112f54a561fb5f2e6a8511e150edd64464

    • SSDEEP

      6144:vZ1fxU+7jHJPyu/j9NfDgLa9aUBWqfHSbVmRWbfQoMGT4tKKtL:vZ1fSqPyOg+93BWqfyhmRsCGT4tjtL

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks