General

  • Target

    8c12251cd638c48c5a3d15121e5277df5e6e1053

  • Size

    373KB

  • Sample

    241109-yvcsxa1ejj

  • MD5

    79131b16c1852ed90329850785b8bc18

  • SHA1

    8c12251cd638c48c5a3d15121e5277df5e6e1053

  • SHA256

    6d3ef3ced3996bf69886d32c49be8ec664e5f949ce150e378c65cc5b515a07dd

  • SHA512

    0ddf762fc1ea8b504dec2a90f053d2c01b91c3f9cab648feafd28b1c95fdc400e20f711f2e5234dae7e1d9273ced0f2ea4c81c79d6ce37667ab9a11f0f57b07c

  • SSDEEP

    3072:4ibEgkdGKxWR2VbM9eomnk9pi+D/OmlZI5Mf1gcE71zoVE0a7LgHjO5WsqnZg2:JEgucR2Z+eK9Q+D/XI5V1BKjB7nx

Malware Config

Extracted

Family

redline

Botnet

ww

C2

193.106.191.67:44400

Attributes
  • auth_value

    5a1b28ccd05953f5c3f99729c12427cc

Targets

    • Target

      8c12251cd638c48c5a3d15121e5277df5e6e1053

    • Size

      373KB

    • MD5

      79131b16c1852ed90329850785b8bc18

    • SHA1

      8c12251cd638c48c5a3d15121e5277df5e6e1053

    • SHA256

      6d3ef3ced3996bf69886d32c49be8ec664e5f949ce150e378c65cc5b515a07dd

    • SHA512

      0ddf762fc1ea8b504dec2a90f053d2c01b91c3f9cab648feafd28b1c95fdc400e20f711f2e5234dae7e1d9273ced0f2ea4c81c79d6ce37667ab9a11f0f57b07c

    • SSDEEP

      3072:4ibEgkdGKxWR2VbM9eomnk9pi+D/OmlZI5Mf1gcE71zoVE0a7LgHjO5WsqnZg2:JEgucR2Z+eK9Q+D/XI5V1BKjB7nx

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks