General

  • Target: 4ea9a047f9b6deaf29905096013e5dc5ec72a04f5e1a806fed9054c7f9c7bd4e
  • Size: 358KB
  • Sample: 241109-mhdznasgjk
  • MD5: 788824506d4aec584d677313e1bd8d8a
  • SHA1: a3aa322673363179d13b8f95e6473ab97ee32391
  • SHA256: 4ea9a047f9b6deaf29905096013e5dc5ec72a04f5e1a806fed9054c7f9c7bd4e
  • SHA512: fec6b3aebe3c475f8cc9875e8064792a77f2c1c6d17d66211ae41eb6a72126ab53ddd431ceda690c9aeb7b11284ea205c4689d1d866f994ed910b2e56a229f99
  • SSDEEP: 6144:voxXXo8hEByXPKk12S37cb2YroAwM5ANMVg7MSGQTeYtqeGAmfC0K:voFXzhEByik4SrcRLlg7MJyJn

Malware Config

Extracted

  • Family: redline
  • Botnet: dozk
  • C2: 91.215.85.15:25916
  • Attributes
    • auth_value: 9f1dc4ff242fb8b53742acae0ef96143

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks