General

  • Target

    84e1d845c9034438816a467ad9247d179b353f980efa09b585d01674d60d9758

  • Size

    479KB

  • Sample

    241109-yncjka1crj

  • MD5

    de03561bb02e2598b7bff183d377de28

  • SHA1

    c18768033d97b7c813b9801ac08ad89661fe1fa3

  • SHA256

    84e1d845c9034438816a467ad9247d179b353f980efa09b585d01674d60d9758

  • SHA512

    a2f282b2091d7068221f1c7c418de3799908d65239b5c342f017d256296b47547019cc6e39598ea8ba0fe6e7f020e68f79b2654d5f318bbe45beaaf5c1a46f2e

  • SSDEEP

    12288:DMrKy90x643PdOg2ETJydTktgCvSJZTv:5y26gd3v9ydTktgQSXTv

Malware Config

Extracted

Family

redline

Botnet

dion

C2

217.196.96.101:4132

Attributes

  • auth_value

    6e0b6a3255923968b15f61a2c040c5c9

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

    • Executes dropped EXE

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks