General

  • Target

    40e95f7aa47b350121c2bd848c310523d519507eaaf61f59ab80b00f7a6ca2fe

  • Size

    415KB

  • Sample

    241109-y8xp8svjal

  • MD5

    54f9c0a15bdba67e1b55a8783411cf58

  • SHA1

    703db398522221d68df8c24ccbbe5e919acb8c7f

  • SHA256

    40e95f7aa47b350121c2bd848c310523d519507eaaf61f59ab80b00f7a6ca2fe

  • SHA512

    97d28cb3012e0b13cbee0800a276c0546a7f48ce54e8fb435d3ed6712fa55ad3fffcca3d1bab293f4eef75c3f34bfe71fb2cee546c5f8053eda07d2fd2ad0932

  • SSDEEP

    12288:wXH1ROwdXI9Aariu0wldjGO47L+e6G4YV/W6bXfjHVHg7H:HuX6iQjSj/0DIeqy

Malware Config

Extracted

Family

redline

Botnet

ww

C2

193.106.191.67:44400

Attributes
  • auth_value

    5a1b28ccd05953f5c3f99729c12427cc

Targets


    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
