General

  • Target

    b46422d334ab13284cd0af547d303eb4d893190c9b5c45fe775182920943d2ca

  • Size

    260KB

  • Sample

    241109-mkbx3ssgmc

  • MD5

    e173dba2f2cf476256010ebe1e1bb61b

  • SHA1

    051a8b84e445f1cc4102ad52a4e2dbdbfe04de3b

  • SHA256

    b46422d334ab13284cd0af547d303eb4d893190c9b5c45fe775182920943d2ca

  • SHA512

    0f9470c0bf8c012d630854263ec32687f9ca2227e197b01dced5867b874b5f02fc3aa559858437f83ca125e8e22d6e941e5b65dbe8034188055dc3949438d32f

  • SSDEEP

    6144:Yan534Z7t1rEl9GuTz0lcxGrmyl/jJ+p3i4Ny:lJ4Bt52vTzJxGiOc3i3

Malware Config

Extracted

Family

redline

Botnet

LogsDiller Cloud (Telegram: @logsdillabot)

C2

178.33.182.70:18918

Attributes
  • auth_value

    c2955ed3813a798683a185a82e949f88
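The extracted config above is the part of this report an analyst actually acts on: the C2 endpoint goes into network detection, the auth_value ties this build to other samples from the same panel, and the hashes identify the files on disk. As an added example (not part of this report or of any sandbox's own tooling), the Python below turns those fields into checks: it parses the C2 string, scans firewall-style log lines for connections to it (exact ip:port, or any port on the host for a wider hunt), and hashes data the same way the report does so a file found in the wild can be matched against the reported SHA256 values. The log format and the log lines are constructed for this example (203.0.113.10 is an RFC 5737 documentation address); adapt the regex to your own proxy or NetFlow export.

```python
import hashlib
import ipaddress
import re
from dataclasses import dataclass

# Indicators copied from the "Malware Config" and hash sections of this report.
REPORT_IOCS = {
    "family": "redline",
    "botnet": "LogsDiller Cloud (Telegram: @logsdillabot)",
    "c2": "178.33.182.70:18918",
    "auth_value": "c2955ed3813a798683a185a82e949f88",
    "sha256": {
        "b46422d334ab13284cd0af547d303eb4d893190c9b5c45fe775182920943d2ca",
        "e29264d11a7be505c2d3a54b49287a98445d6084492d51a343646aa2004b02a3",
    },
}


@dataclass(frozen=True)
class C2:
    host: str
    port: int


def parse_c2(value: str) -> C2:
    """Split the report's 'host:port' string, rejecting malformed IPs or ports."""
    host, sep, port = value.rpartition(":")
    if not sep:
        raise ValueError(f"no port in C2 string: {value!r}")
    ipaddress.ip_address(host)  # raises ValueError if host is not an IP literal
    port_n = int(port)
    if not 0 < port_n < 65536:
        raise ValueError(f"port out of range: {port}")
    return C2(host, port_n)


# Assumed log format (constructed for this example): key=value firewall lines
# carrying a 'dst=ip:port' field. Adapt the regex to your own proxy/NetFlow export.
DST_FIELD = re.compile(r"\bdst=(?P<host>[0-9.]+):(?P<port>\d+)\b")


def find_c2_hits(log_lines, c2: C2, require_port: bool = True):
    """Return the log lines whose destination matches the C2.

    require_port=True  -> exact ip:port match (high confidence)
    require_port=False -> any port on the C2 host (wider hunt; expect more noise)
    """
    hits = []
    for line in log_lines:
        m = DST_FIELD.search(line)
        if not m or m.group("host") != c2.host:
            continue
        if require_port and int(m.group("port")) != c2.port:
            continue
        hits.append(line)
    return hits


def digest_bytes(data: bytes) -> dict:
    """MD5/SHA1/SHA256/SHA512 of a buffer, in the hex form the report prints."""
    return {
        name: hashlib.new(name, data).hexdigest()
        for name in ("md5", "sha1", "sha256", "sha512")
    }


def file_hashes(path: str) -> dict:
    """Hash a file on disk (read whole; the samples here are a few hundred KB)."""
    with open(path, "rb") as fh:
        return digest_bytes(fh.read())


def is_known_sample(data: bytes) -> bool:
    """True if the buffer's SHA256 is one of the two hashes reported on this page."""
    return digest_bytes(data)["sha256"] in REPORT_IOCS["sha256"]


# Constructed sample log lines (not real traffic); 203.0.113.10 is an RFC 5737
# documentation address standing in for an unrelated destination.
SAMPLE_LOG = [
    "2024-11-09T10:14:02Z src=10.0.0.5:51234 dst=178.33.182.70:18918 proto=tcp action=allow",
    "2024-11-09T10:14:05Z src=10.0.0.5:51240 dst=178.33.182.70:80 proto=tcp action=allow",
    "2024-11-09T10:14:09Z src=10.0.0.7:51300 dst=203.0.113.10:443 proto=tcp action=allow",
]

if __name__ == "__main__":
    c2 = parse_c2(REPORT_IOCS["c2"])
    for line in find_c2_hits(SAMPLE_LOG, c2):
        print("C2 hit:", line)
    for line in find_c2_hits(SAMPLE_LOG, c2, require_port=False):
        print("same host, any port:", line)
```

Treat the C2 address as a point-in-time indicator from one sandbox run: stealer panels move, so pair the ip:port rule with the host-only variant and with the file hashes rather than relying on any one of them. The auth_value is a per-build token carried in the sample's config and is useful for clustering related samples, not for network detection.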

Targets

    • Target

      e29264d11a7be505c2d3a54b49287a98445d6084492d51a343646aa2004b02a3.exe

    • Size

      397KB

    • MD5

      04ddc69a550d5cd0831c3123d79b4c3f

    • SHA1

      7b4c195dc72472575c955bc00e407a25446cd823

    • SHA256

      e29264d11a7be505c2d3a54b49287a98445d6084492d51a343646aa2004b02a3

    • SHA512

      7687590efb1d3d23cab17748f28b6c7daabf59b257ce577f9aeb33dc537b2ab3011db69f9c5494d8ea120f3589e18ea8fae6c381f3d6fdf5d4c199e5609f6b8d

    • SSDEEP

      6144:A90lAL7Awz8BpvIAelis67d4jTZHmltPq2cKVXXnQJ:AbnAwz8BGAnd4j9GLq2/nn

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks