General

  • Target: 7cf63b13f31b2fabd3c21dd219b4ee1fa832939e
  • Size: 324KB
  • Sample: 241109-mz2gaawkfq
  • MD5: cacc0cc1cc7a9de4223c2da2fbfcce44
  • SHA1: 7cf63b13f31b2fabd3c21dd219b4ee1fa832939e
  • SHA256: 7afff05c16f7d91deed023b31ab264a5a59a5b4f38be33d23a44069b926032ab
  • SHA512: ff222037a140d5200de744f865d98797ed0566f2427561ee8effa52a137d761950b4064f9db8230134337309b45dc3b82c8c7e8b5fa3f02e808a6e3267b6296b
  • SSDEEP: 6144:4kQuOSvy0tyg9E4rCRf9DX6E0ZYYIvNyEm8N:49uOSvy+RC+EOxIvgEm

Malware Config

Extracted

  • Family: redline
  • Botnet: TripleSBanks
  • C2: 185.143.223.90:10024
  • Attributes
    • auth_value: 064872fe393e6f3a6d60eca59269d528

Targets

    • RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
    • RedLine payload
    • Redline family

MITRE ATT&CK Enterprise v15

Tasks