General

  • Target

    2aac7145e2eab957c4617d30b9a8c5ef012eed94b0df55dd7aeb42e9e90aa6d8

  • Size

    416KB

  • Sample

    241109-mla26svrgm

  • MD5

    35ebb826a864d189190b8ab038a2f9da

  • SHA1

    027bfddc979add973ccdd5ab0a8375f360173f6c

  • SHA256

    2aac7145e2eab957c4617d30b9a8c5ef012eed94b0df55dd7aeb42e9e90aa6d8

  • SHA512

    77744e255b3316a593538779420c4b2941fe625c7b181f4889709d672a4f9c170729d6d27f85cdc3f9bf2638b72d72952779618571c473e0c4b0ce51203129ea

  • SSDEEP

    6144:Fn7vye1hX9DYGBjgQhR7cG+sgkokddTZ1aHbP1/k4Wy/adMgDRy+DoK:F7hTXFPBjgQhUsNPdv1KVPR/anNf

Malware Config

Extracted

  • Family

    redline

  • Botnet

    ww

  • C2

    193.106.191.67:44400

  • Attributes

    auth_value: 5a1b28ccd05953f5c3f99729c12427cc

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks