General

  • Target

    385e2049d9f78d6c78a5b7aa12fa9415b34eaf02

  • Size

    407KB

  • Sample

    241109-y3g3lazrev

  • MD5

    f8c740cf38db81afed164eeed4020d06

  • SHA1

    385e2049d9f78d6c78a5b7aa12fa9415b34eaf02

  • SHA256

    4afa0f31f43bd60c69155328859a4bb5fab97596439b9dc26b69d3a527481ef6

  • SHA512

    f436d3e6bf4b33c7e530d87ac475867eab6481392eae55af49c3f0bdd081c767e8b76e8e1b7d87c6eef780ccdddfac1385ef1cbca480f7930b5a9cccf921b4c0

  • SSDEEP

    12288:Mz/G7MTsPu4K4agKj2wVomkFhGp9/4v6KEwYF2:ysPedSNmQG/4bNYc

Malware Config

Extracted

  • Family

    redline

  • Botnet

    ww

  • C2

    193.106.191.67:44400

  • Attributes

    auth_value: 5a1b28ccd05953f5c3f99729c12427cc

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks