General

  • Target

    79e245fc252808f03abf7985eb84b6d21552f496018bb10fecfc665978d7f63f

  • Size

    289KB

  • Sample

    241109-yhwp9atmcl

  • MD5

    f0fe62968a70c0cdb5880e34a348aebb

  • SHA1

    eefbae5cc8a1f706e67a2cb33203642f61375450

  • SHA256

    79e245fc252808f03abf7985eb84b6d21552f496018bb10fecfc665978d7f63f

  • SHA512

    afc86339035aa29fb0ab53bd5f304d709d499d123d551431b5696ea38661e6c82327279b3770706fa417c75a6b48e7c7452b1a5c28abc811c00fa53e305148a1

  • SSDEEP

    6144:aHOESaoE1EHiLyTvgR2q+cUoNTb7vYQvaE/CK9Qjh2KipRF3DNQKhC:amaeDiscUol/v7vOph2ztDFC

Malware Config

Extracted

Family

redline

Botnet

@new@2023

C2

77.73.133.62:22344

Attributes

  • auth_value

    8284279aedaed026a9b7cb9c1c0be4e4

Targets

    • Target

      49247faf1d0f135714dee52d16a194872218025aaa4baf1d3a2184dda4245f2b.exe

    • Size

      363KB

    • MD5

      3a932f5f4471c2123c8a92f77feda17f

    • SHA1

      af7de147bc7d1fecd1289a1279c196aaa28b9404

    • SHA256

      49247faf1d0f135714dee52d16a194872218025aaa4baf1d3a2184dda4245f2b

    • SHA512

      828221e10ca58a0a37a3c357ed2838fbda540354166283a25872c390523e4098a364f82053e048dd99908f7f9863d3ebae6e86246ef9891b52a60bdcc8c7e759

    • SSDEEP

      6144:Y68LWOP2+A1wGRiyar2Yopvwh/3w7t3MKJ6E3EO0g1rAKz:Y68iOPPA1XSavK0MKJvEO71r

    • RedLine

      RedLine Stealer is a credential- and data-stealing malware family written in C# (.NET), first seen in early 2020.

    • RedLine payload

    • Redline family
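As an added example (not part of the original report and not RedLine's own code), the script below turns the indicators on this page into the two checks a responder usually runs first: recompute all four digests of a file on disk to confirm it is one of the two samples listed above, and scan connection logs for the extracted C2 endpoint. The hash values and the C2 address are copied from the report; the log lines, the file-path handling and the "ip-only" weak-hit rule are constructed for illustration.

```python
import hashlib
import re
import sys

# Digests copied from the report above: the submitted 289KB target and the 363KB .exe
# listed under Targets. Keyed by SHA256 so a file is looked up by its strongest hash.
KNOWN_SAMPLES = {
    "79e245fc252808f03abf7985eb84b6d21552f496018bb10fecfc665978d7f63f": {
        "md5": "f0fe62968a70c0cdb5880e34a348aebb",
        "sha1": "eefbae5cc8a1f706e67a2cb33203642f61375450",
        "sha512": "afc86339035aa29fb0ab53bd5f304d709d499d123d551431b5696ea38661e6c8"
                  "2327279b3770706fa417c75a6b48e7c7452b1a5c28abc811c00fa53e305148a1",
    },
    "49247faf1d0f135714dee52d16a194872218025aaa4baf1d3a2184dda4245f2b": {
        "md5": "3a932f5f4471c2123c8a92f77feda17f",
        "sha1": "af7de147bc7d1fecd1289a1279c196aaa28b9404",
        "sha512": "828221e10ca58a0a37a3c357ed2838fbda540354166283a25872c390523e4098"
                  "a364f82053e048dd99908f7f9863d3ebae6e86246ef9891b52a60bdcc8c7e759",
    },
}

# Extracted RedLine config from the report: the C2 endpoint the sample connects to.
C2_IP = "77.73.133.62"
C2_PORT = 22344

DIGEST_NAMES = ("md5", "sha1", "sha256", "sha512")


def digest_bytes(data):
    """Return md5/sha1/sha256/sha512 hex digests of an in-memory blob."""
    return {name: hashlib.new(name, data).hexdigest() for name in DIGEST_NAMES}


def digest_file(path, chunk_size=1 << 20):
    """Same four digests for a file, streamed so large files are not read whole."""
    hashers = {name: hashlib.new(name) for name in DIGEST_NAMES}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def identify_sample(digests):
    """Return the report's SHA256 when the file is one of the listed samples, or None
    when its SHA256 is not listed. If the SHA256 matches but a weaker digest does not,
    one of the transcribed values is wrong; raise rather than push a bad MD5/SHA1 to a
    blocklist."""
    sha256 = digests["sha256"].lower()
    expected = KNOWN_SAMPLES.get(sha256)
    if expected is None:
        return None
    for name, value in expected.items():
        if digests[name].lower() != value:
            raise ValueError(f"{name} differs from the report for {sha256}")
    return sha256


# Constructed firewall-style log lines for illustration; not taken from the report.
SAMPLE_LOG = """\
2024-11-09T14:02:11Z action=allow proto=tcp src=10.20.0.15:51412 dst=142.250.74.110:443
2024-11-09T14:02:13Z action=allow proto=tcp src=10.20.0.15:51418 dst=77.73.133.62:22344
2024-11-09T14:02:40Z action=allow proto=tcp src=10.20.0.31:49800 dst=77.73.133.62:443
2024-11-09T14:03:02Z action=deny proto=udp src=10.20.0.15:5353 dst=224.0.0.251:5353
"""

# Matches any "a.b.c.d:port" token; the log format itself is an assumption.
ENDPOINT_RE = re.compile(r"\b(\d{1,3}(?:\.\d{1,3}){3}):(\d{1,5})\b")


def scan_log(text):
    """Flag lines that reach the C2. 'exact' means IP and port both match the
    extracted config; 'ip-only' means the same host on another port, kept as a weak
    hit because the port is part of the per-build RedLine config and can differ."""
    hits = []
    for lineno, line in enumerate(text.splitlines(), 1):
        for ip, port in ENDPOINT_RE.findall(line):
            if ip != C2_IP:
                continue
            kind = "exact" if int(port) == C2_PORT else "ip-only"
            hits.append((lineno, kind, line))
            break
    return hits


if __name__ == "__main__":
    # Usage: python ioc_check.py [path-to-suspect-file]
    for lineno, kind, line in scan_log(SAMPLE_LOG):
        print(f"line {lineno}: {kind} C2 hit: {line}")
    if len(sys.argv) > 1:
        found = identify_sample(digest_file(sys.argv[1]))
        print("known sample" if found else "not one of the listed samples", found)
```

The SHA256 is the lookup key on purpose: MD5 and SHA1 are listed only so older tooling can be fed, and a file that matches the SHA256 but not the weaker digests should stop the workflow until the report values are rechecked.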

MITRE ATT&CK Enterprise v15

Tasks