General

  • Target

    951826d6763477469cdb665e1033e382fc1c73bd0fcd94b489c69f544c5a4a59N

  • Size

    175KB

  • Sample

    241109-ynx59s1dma

  • MD5

    931aa6144c9e16697beacf342e5b2520

  • SHA1

    97506e03a88d4e3ced5c2f2f8ac1b4ffd83406f1

  • SHA256

    951826d6763477469cdb665e1033e382fc1c73bd0fcd94b489c69f544c5a4a59

  • SHA512

    9e94e0e86a2785eef06465838cc760666284aebd8ca841eab9235d1c3410d150405688dbeed518ca5168e22ed379e42298efe96eeaf3a09f15baf373b58acfa5

  • SSDEEP

    3072:KxqZWJBaKULo3pfEWGljeerDF/hevTxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw09:4qZIpfEWYL/hk

Malware Config

Extracted

Family

redline

Botnet

fuba

C2

193.56.146.11:4162

Attributes

  • auth_value

    43015841fc23c63b15ca6ffe1d278d5e

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks