General

  • Target

    6064c290a370fde234bfa6bda2ccaedc

  • Size

    372KB

  • Sample

    241109-z4lb3s1qaz

  • MD5

    6064c290a370fde234bfa6bda2ccaedc

  • SHA1

    c8f98e6648b7d19e08a81a7436b94a151c096288

  • SHA256

    756543e3dde6c385f3284991d4489e1cfcf96f3cad8fb1cd5770d53657a2417e

  • SHA512

    7075b20422c1aa7b7f31140a7df84f47171a89717ec58976dad0534e372408750547673b370e9e605f88de4c719a0a6c9eaa7cae73aaf035b5670539b5b4f542

  • SSDEEP

    6144:83EgUH6ePWyeiCfTDpPR9hk7sE9NYq4099j5khau:MEgUH6ePznCfTDpPR9hAYp0L4a

Malware Config

Extracted

Family

redline

Botnet

ww

C2

193.106.191.67:44400

Attributes
  • auth_value

    5a1b28ccd05953f5c3f99729c12427cc

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
