General

  • Target

    be1478b41b361856cfbd325c5dd7552747ca61b342c971804782719a675d63d7N

  • Size

    175KB

  • Sample

    241109-yn4yta1dme

  • MD5

    96d824387d98dfc4a0068c07d978bad0

  • SHA1

    32aee203273fe1dd0a93c08eb8fbd8070e6ca896

  • SHA256

    be1478b41b361856cfbd325c5dd7552747ca61b342c971804782719a675d63d7

  • SHA512

    82a8dddf695122312a81d6c7c0f66f6bc17216028c40eb11c28cce4efdb3ad74084085e3d183dd45ee381fc76212c5e18bf1262efa0363e6b37ce90afd681619

  • SSDEEP

    3072:UxqZWJBaKULo3P/UxljLezBFAhovTxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jt:qqZIP/UnKAhi

Malware Config

Extracted

Family

redline

Botnet

frukt

C2

193.233.20.23:4124

Attributes
  • auth_value

    06c91230f673ef9b659f23ab41313be0
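The extracted config and the hash fields above are the indicators an analyst would actually sweep for. The following script is an added example (not part of the sandbox report, and not RedLine's own code): it parses the C2 entry in the exact `host:port` form the report prints, checks Zeek-style `conn.log` JSON records for connections to it, and matches file digests against the MD5/SHA1/SHA256 values listed above. The log lines and the file inventory are constructed here for illustration; only the IOC values come from the report.

```python
"""IOC sweep built from the RedLine config extracted above.

Added example, not part of the sandbox report. C2 and hash values are the
ones the report lists; the conn.log records and file inventory are constructed.
"""
import hashlib
import ipaddress
import json

# Indicators copied from the report above.
C2_RAW = "193.233.20.23:4124"
KNOWN_HASHES = {
    "md5": {"96d824387d98dfc4a0068c07d978bad0"},
    "sha1": {"32aee203273fe1dd0a93c08eb8fbd8070e6ca896"},
    "sha256": {"be1478b41b361856cfbd325c5dd7552747ca61b342c971804782719a675d63d7"},
}
ALGO_BY_LEN = {32: "md5", 40: "sha1", 64: "sha256"}


def parse_c2(value):
    """Split a 'host:port' C2 string as printed in the report into (ip, port).

    Validates the address and port range so a malformed config entry fails
    loudly instead of silently producing a rule that never matches.
    """
    host, sep, port = value.rpartition(":")
    if not sep:
        raise ValueError(f"C2 entry has no port: {value!r}")
    ip = ipaddress.ip_address(host)  # raises on anything that is not an IP literal
    port = int(port)
    if not 0 < port < 65536:
        raise ValueError(f"port out of range: {port}")
    return str(ip), port


C2 = parse_c2(C2_RAW)

# Constructed Zeek conn.log records (JSON lines); field names follow Zeek's JSON log format.
SAMPLE_CONN_LOG = """\
{"ts":1731142800.1,"id.orig_h":"10.0.0.15","id.resp_h":"142.250.74.46","id.resp_p":443,"proto":"tcp"}
{"ts":1731142805.7,"id.orig_h":"10.0.0.15","id.resp_h":"193.233.20.23","id.resp_p":4124,"proto":"tcp"}
{"ts":1731142810.2,"id.orig_h":"10.0.0.22","id.resp_h":"193.233.20.23","id.resp_p":80,"proto":"tcp"}
"""

# Constructed endpoint file inventory as (path, hex digest); not from the report.
SAMPLE_FILE_INVENTORY = [
    ("C:\\Users\\alice\\Downloads\\invoice.exe",
     "be1478b41b361856cfbd325c5dd7552747ca61b342c971804782719a675d63d7"),
    ("C:\\Windows\\System32\\notepad.exe", "0" * 64),
]


def c2_hits(conn_log_text, c2=C2):
    """Return connections to the C2 host from Zeek conn.log JSON lines.

    An ip+port match is high confidence. The same IP on a different port is
    still reported, at low confidence, because stealer C2 hosts commonly serve
    several ports and families, so the IP alone is worth a look.
    """
    ip, port = c2
    hits = []
    for line in conn_log_text.splitlines():
        if not line.strip():
            continue
        rec = json.loads(line)
        if rec.get("id.resp_h") != ip:
            continue
        hits.append({
            "ts": rec["ts"],
            "src": rec["id.orig_h"],
            "dst": f"{ip}:{rec['id.resp_p']}",
            "confidence": "high" if rec.get("id.resp_p") == port else "low",
        })
    return hits


def hash_hits(inventory, known=KNOWN_HASHES):
    """Return (path, algorithm) for inventory entries whose digest is a listed IOC.

    The algorithm is inferred from digest length, so an inventory may mix
    MD5, SHA1 and SHA256 values.
    """
    matches = []
    for path, digest in inventory:
        algo = ALGO_BY_LEN.get(len(digest))
        if algo and digest.lower() in known[algo]:
            matches.append((path, algo))
    return matches


def digests(data):
    """Compute the three digests the report lists, for a file's raw bytes."""
    return {a: hashlib.new(a, data).hexdigest() for a in ("md5", "sha1", "sha256")}


def is_known_sample(data, known=KNOWN_HASHES):
    """True if the bytes hash to any MD5/SHA1/SHA256 value from the report."""
    return any(d in known[a] for a, d in digests(data).items())


if __name__ == "__main__":
    for hit in c2_hits(SAMPLE_CONN_LOG):
        print("C2 traffic:", hit)
    for path, algo in hash_hits(SAMPLE_FILE_INVENTORY):
        print(f"known sample on disk ({algo}): {path}")
    print("placeholder bytes match report?", is_known_sample(b"not the sample"))
```

The port-insensitive match is deliberately kept as a separate confidence tier rather than dropped: a SOC rule keyed only on `193.233.20.23:4124` misses the operator moving the listener to another port, while a rule keyed on the IP alone will fire on unrelated tenants if the host is shared.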

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks