General

  • Target

    321cdf677395a5262a3e1bb600f7adaa8bdb2aa3

  • Size

    407KB

  • Sample

    241109-yfvp6szmfx

  • MD5

    37c4f4cb46fa317f4a945970fe971a08

  • SHA1

    321cdf677395a5262a3e1bb600f7adaa8bdb2aa3

  • SHA256

    75a7c23cf6a39f28ff5b06825e26e57749a95b7026f78b61da50d91a7b4affa3

  • SHA512

    96a2b0f4ba0b49610f72124a7833a541d31808323c2ff13578ae6b73825a75df839eef3ec6cca2b88affe31428addb51ee174ad58b98fe5470db188ea9904ec8

  • SSDEEP

    12288:9EviK64KoYNu/FtIvxWXTtGMvDfGMx9IPN8:L4KoyM8WXTtGgDfGy9IP

Malware Config

Extracted

  • Family

    redline

  • Botnet

    ww

  • C2

    193.106.191.67:44400

  • Attributes

    auth_value: 5a1b28ccd05953f5c3f99729c12427cc

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks