General

  • Target

    c4720377b41550baf6a7cccda63fc397

  • Size

    261KB

  • Sample

    241109-mkzzxavrfr

  • MD5

    c4720377b41550baf6a7cccda63fc397

  • SHA1

    7874fb571ba96a6eb6e439b6fe199abafdb762a2

  • SHA256

    62fec95155481258f5f293a77e8bb198b2df7ec8cbbdeb93b1e7f7f380fd7578

  • SHA512

    be69969ed0f8a55d74a9d18e1500bc4bb7bacf558bac8b32667bf3dde1bcc4e7db80d8a4492809672dc4aaa482c76eeb0c9035ab30459f32eef3a28d91adedaf

  • SSDEEP

    6144:4zQdZL5OLb3vEx8BrxaRxrEClJXhy+FFzxz32drX9rtg8u1:4Chsjdyx1XhFFf2dRpgp1

Malware Config

Extracted

  • Family

    redline

  • Botnet

    noname

  • C2

    185.215.113.29:34865

  • Attributes

    auth_value: 9070981b949039479ba8eae270c35aa0

Targets

    • Target

      ferrari2.exe

    • Size

      408KB

    • MD5

      37245961c3b48c8371d53573668f1e7c

    • SHA1

      55db7ac97ab07a33b13c7a449409478afaf97727

    • SHA256

      c36f77f64cebf8ac8520c9fb71d687a9fb7873f14ba2c0c59697cdb8de3835cc

    • SHA512

      5ef47926e6765278a17c3d2823dc87dddf4ee8d0beae5adca70c48cc55d8b54f7da9fd7d21bedaad735ad87a7f98fb6c590fae7f3f7b19a4319a4f5a0269a2fa

    • SSDEEP

      6144:1rdvAqwMwkhEWh5d1POteeXUiQSLCoSo4oMt0aGtYw/CEslXnm4/4:1Bvh0WvgXUOLmFosiYw/fJ

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks