General

  • Target

    d16f3a94605be6ff0071009ce75866d65a21b287663d2d8632d0d40472aa208b

  • Size

    373KB

  • Sample

    241109-x8tg5stlak

  • MD5

    f92e09721ffc665b447365380b9c8c19

  • SHA1

    fcabb24580f7d5078d43a5ee0afa48b4c366c8c3

  • SHA256

    d16f3a94605be6ff0071009ce75866d65a21b287663d2d8632d0d40472aa208b

  • SHA512

    2072d65cb9d6e6c0aa723dc7be9133f821b6f1017068650eb792fbddad4d6bf38d3e5b83e2f959ebab39ddac1743a1c4c2733b5633dfa874cd861c6486562d9f

  • SSDEEP

    6144:YhXf0bnpskXXaTI0vK8zG8SkIp2VGezmbY34Tih:YObnpLXuXvKYkkw/kR

Malware Config

Extracted

  • Family

    redline

  • Botnet

    ww

  • C2

    193.106.191.67:44400

  • Attributes

    auth_value: 5a1b28ccd05953f5c3f99729c12427cc

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks