General

  • Target

    1bf0fd685a62931f688662f2339cadab492a1db3b60ee175a110f420949860c8

  • Size

    253KB

  • Sample

    241109-y5bnlatran

  • MD5

    5dc180f2e6287b79523b685ac439c537

  • SHA1

    9dd60d471e4ec5bf8d9b2eb3f663d86691a3ed56

  • SHA256

    1bf0fd685a62931f688662f2339cadab492a1db3b60ee175a110f420949860c8

  • SHA512

    7780c70739fb155c281a402b5242236e28284dc103a12e7a53efbc2a465a9cd4ebd45a5034e0feb55fe5326d1fde127601b9822011e4f503cdbf11eac759e7c0

  • SSDEEP

    6144:o4JsG1HnJ0eBIN03NXXw1hE6LYax1Wj0lnTSdk98Be:o4JsGJnSCIWlg/Eij1401SUt

Malware Config

Extracted

  • Family

    redline

  • Botnet

    fud

  • C2

    193.233.20.27:4123

  • Attributes

    • auth_value

      cddc991efd6918ad5321d80dac884b40

Targets

    • Target

      4b920eec3febd1c102d5be425b80053c5a56d582e0a16c24b12cb5dd42d80eb5.exe

    • Size

      361KB

    • MD5

      a413967d29faa8bfe4a16a4559cb31c0

    • SHA1

      73e5da45efb8fd5d49bafce6dee1dd821cdb8988

    • SHA256

      4b920eec3febd1c102d5be425b80053c5a56d582e0a16c24b12cb5dd42d80eb5

    • SHA512

      74ac0edf2c551b28dde2f97978cb8904040365939e4e6eb45da0408d5b3d333705d103954a71c44221867a9919d899448013316852e5b795e8b6f28a6e25850e

    • SSDEEP

      6144:FLPm5PKqhKsktou8kTRjK12KUl9fNGEXjzgU0onQCf4eZ:FLmtJGXTaqlFNfvgUJ5/Z

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
