General

  • Target

    b38171cca3e15c1886878a2a5139d029

  • Size

    378KB

  • Sample

    241109-mgqbasvrbp

  • MD5

    b38171cca3e15c1886878a2a5139d029

  • SHA1

    90cc8ff5ae86fbfd744feea55f74ee29f238d2af

  • SHA256

    b8c669f517e801eb9a545bb1629719cd0b9986794d963ec6046eed3365a9998f

  • SHA512

    a6c37d81434c0cc2185f76c905a25885f9b0a1b11e4a11e16508b36976d4039ceeceb6b73cca1f0e8f04ad47d5b22c8bacdfc28ad97dca21d88bb68179aa65af

  • SSDEEP

    6144:N2llpLe6/v2vRQhQeTNBDsnRZczcTocYI8eSfuIleN:NalpS6/KmAnRZY0Yw

Malware Config

Extracted

Family

redline

Botnet

ww

C2

193.106.191.67:44400

Attributes
  • auth_value

    5a1b28ccd05953f5c3f99729c12427cc

Targets

    • Target

      b38171cca3e15c1886878a2a5139d029

    • Size

      378KB

    • MD5

      b38171cca3e15c1886878a2a5139d029

    • SHA1

      90cc8ff5ae86fbfd744feea55f74ee29f238d2af

    • SHA256

      b8c669f517e801eb9a545bb1629719cd0b9986794d963ec6046eed3365a9998f

    • SHA512

      a6c37d81434c0cc2185f76c905a25885f9b0a1b11e4a11e16508b36976d4039ceeceb6b73cca1f0e8f04ad47d5b22c8bacdfc28ad97dca21d88bb68179aa65af

    • SSDEEP

      6144:N2llpLe6/v2vRQhQeTNBDsnRZczcTocYI8eSfuIleN:NalpS6/KmAnRZY0Yw

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks