General

  • Target

    4f9233f66f6480157d5f668b0dacfae2b410f3e0

  • Size

    373KB

  • Sample

    241109-yzj3satphm

  • MD5

    30c0f4c7ec867f46efad0e72c1fabb4a

  • SHA1

    4f9233f66f6480157d5f668b0dacfae2b410f3e0

  • SHA256

    6a5066efcdde9632d1cec1c8acdf481518e1db889282832ed64d80f1947cca12

  • SHA512

    4797f2128256e747c2f1dea29b0589a12b14b5e153bcd58f2a4c6a16672289eebc11cdcc0769a5d2f28015b977fc6d5f90ef9545b7d623600230de0d043c41f7

  • SSDEEP

    6144:sQbYaHTyC3lD/ZQYHLcoO8xtTUXiNzUZBQKW:BbYaH2+NLU8xhciBc

Malware Config

Extracted

  • Family

    redline

  • Botnet

    ww

  • C2

    193.106.191.67:44400

  • Attributes

    • auth_value

      5a1b28ccd05953f5c3f99729c12427cc
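The extracted C2 endpoint and the file digests above are the indicators a responder would hunt on. The following Python example is added here and is not part of the sandbox report: it reads Zeek conn.log rows (constructed for illustration, with a reduced field set but the real `#fields` header convention), flags connections to the report's C2 address with a confidence level that depends on whether the port also matches, and checks a file's digests against the report's hashes. The field names and the confidence labels are this example's own choices.

```python
import hashlib
from dataclasses import dataclass
from typing import Iterator

# Indicators copied from the report above.
C2_HOST = "193.106.191.67"
C2_PORT = 44400
SAMPLE_HASHES = {
    "md5": "30c0f4c7ec867f46efad0e72c1fabb4a",
    "sha1": "4f9233f66f6480157d5f668b0dacfae2b410f3e0",
    "sha256": "6a5066efcdde9632d1cec1c8acdf481518e1db889282832ed64d80f1947cca12",
}

# Constructed Zeek conn.log excerpt (not taken from the report). Zeek's TSV
# writer emits a "#fields" header naming the columns; the parser below relies on it.
SAMPLE_CONN_LOG = (
    "#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto\tservice\n"
    "1731196800.123\tCa1b2c\t10.0.0.15\t51234\t193.106.191.67\t44400\ttcp\t-\n"
    "1731196801.456\tCd3e4f\t10.0.0.15\t51235\t142.250.72.14\t443\ttcp\tssl\n"
    "1731196802.789\tCg5h6i\t10.0.0.22\t51236\t193.106.191.67\t443\ttcp\tssl\n"
)


@dataclass(frozen=True)
class C2Hit:
    ts: str
    uid: str
    orig_h: str
    resp_h: str
    resp_p: int
    confidence: str  # "high": host and port match; "medium": host only


def parse_zeek_conn(text: str) -> Iterator[dict]:
    """Yield one dict per data row, keyed by the column names from '#fields'."""
    fields = None
    for line in text.splitlines():
        if not line:
            continue
        if line.startswith("#fields"):
            fields = line.split("\t")[1:]
            continue
        if line.startswith("#"):  # #separator, #types, #close, ...
            continue
        if fields is None:
            raise ValueError("data row encountered before #fields header")
        values = line.split("\t")
        if len(values) != len(fields):
            raise ValueError(f"expected {len(fields)} columns, got {len(values)}: {line!r}")
        yield dict(zip(fields, values))


def find_c2_connections(conn_log: str, c2_host: str = C2_HOST, c2_port: int = C2_PORT) -> list:
    """Return connections whose responder is the C2 host, rated by port agreement."""
    hits = []
    for row in parse_zeek_conn(conn_log):
        if row["id.resp_h"] != c2_host:
            continue
        resp_p = int(row["id.resp_p"])
        hits.append(C2Hit(
            ts=row["ts"],
            uid=row["uid"],
            orig_h=row["id.orig_h"],
            resp_h=row["id.resp_h"],
            resp_p=resp_p,
            confidence="high" if resp_p == c2_port else "medium",
        ))
    return hits


def match_sample_hashes(data: bytes) -> dict:
    """Compare a file's md5/sha1/sha256 with the report's values; one bool per algorithm."""
    digests = {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }
    return {algo: digests[algo] == expected for algo, expected in SAMPLE_HASHES.items()}


if __name__ == "__main__":
    for hit in find_c2_connections(SAMPLE_CONN_LOG):
        print(f"{hit.confidence:6} {hit.ts} {hit.uid} {hit.orig_h} -> {hit.resp_h}:{hit.resp_p}")
    print(match_sample_hashes(b"constructed bytes, not the sample"))
```

Host-only matches are reported separately because a stealer's C2 address can be reused on other ports, while an exact host:port match is the indicator the sandbox actually observed.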

Targets

    • Target

      4f9233f66f6480157d5f668b0dacfae2b410f3e0

    • Size

      373KB

    • MD5

      30c0f4c7ec867f46efad0e72c1fabb4a

    • SHA1

      4f9233f66f6480157d5f668b0dacfae2b410f3e0

    • SHA256

      6a5066efcdde9632d1cec1c8acdf481518e1db889282832ed64d80f1947cca12

    • SHA512

      4797f2128256e747c2f1dea29b0589a12b14b5e153bcd58f2a4c6a16672289eebc11cdcc0769a5d2f28015b977fc6d5f90ef9545b7d623600230de0d043c41f7

    • SSDEEP

      6144:sQbYaHTyC3lD/ZQYHLcoO8xtTUXiNzUZBQKW:BbYaH2+NLU8xhciBc

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks