General

  • Target

    6eb1e23430242d3d44d97b482d0247b5c26c8d32ca06ad29d2ca5e6a78d68163

  • Size

    51KB

  • Sample

    241109-y87v7svjbj

  • MD5

    7081eb80fb221305cb9d11382f8b4657

  • SHA1

    c08ba351132fdf136ac16a9bf4df889e0a915de5

  • SHA256

    6eb1e23430242d3d44d97b482d0247b5c26c8d32ca06ad29d2ca5e6a78d68163

  • SHA512

    773cc5395c007bda794902b5a122dec4fd298bd52a206c93eb17105b27779dc91e61dd7128a6e9f8455fa5dbd9c18459abe7127fa5700d7d38b5c808512eec9f

  • SSDEEP

    1536:5gKh5645RT/D6532Q8zxvZTKmda5IX0H8CM7fs6a8vLNAHv4JC:5gKh564njDKGQ8zLNdS78uIZIQU

Malware Config

Extracted

Family

redline

Botnet

vila

C2

193.233.20.33:4125

Attributes

  • auth_value

    94b115d79ddcab0a0fb9dfab8e225c3b

Targets

    • Target

      f7695ff94e1061c70f159dfc5912a39418349df058edd331bd76430847d0972f

    • Size

      175KB

    • MD5

      41559b1c610bb97ee3ae67912adc7202

    • SHA1

      c632db2f5b5f9e0cdf3c579ab4fa40ac8f3edb0c

    • SHA256

      f7695ff94e1061c70f159dfc5912a39418349df058edd331bd76430847d0972f

    • SHA512

      45817036aad430a9c00cf22911ca3226f8c8d14cc798f3513b6016aba8f0186b413d62c520b8d2729dcc657266ee3b0f93d8295f9d00f23806764a4e270c6217

    • SSDEEP

      3072:7xqZW11a2kX8fSx3IeJwewI9zhfrxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOZ:NqZkSx3ZJ5zh

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks