General

  • Target

    e2f96990c0a0af9e89b3616ee01a1103

  • Size

    296KB

  • Sample

    241109-zbyfya1hpp

  • MD5

    e2f96990c0a0af9e89b3616ee01a1103

  • SHA1

    a7678ea712df24ae636547c83d4b80190ec76faa

  • SHA256

    4af9a822f179369503b5055fbffe8b8afaa516183aef717867362355c87bebc8

  • SHA512

    6e8938ea653f6402852e16118becf75fade1dd4e172c23fe9ed0d2247a2bdf38b7db98bbfaa9d7112a8de19223cf02a3d43040aeced3e415bc86e8f5b90337d2

  • SSDEEP

    3072:NGqTvLbdHHEeusRqXuEq4ymYq3vq6cAPgBqbN/hxVZ02/isjQn1DrvVP1YkrzpiI:RlkHbCcq6caaq9DVS9vV9YOz

Malware Config

Extracted

Family

redline

Botnet

dozkey

C2

91.212.166.11:47242

Attributes

  • auth_value

    6386fb6f33ca338f864abfc5f8fe1774

Targets

    • Target

      e2f96990c0a0af9e89b3616ee01a1103

    • Size

      296KB

    • MD5

      e2f96990c0a0af9e89b3616ee01a1103

    • SHA1

      a7678ea712df24ae636547c83d4b80190ec76faa

    • SHA256

      4af9a822f179369503b5055fbffe8b8afaa516183aef717867362355c87bebc8

    • SHA512

      6e8938ea653f6402852e16118becf75fade1dd4e172c23fe9ed0d2247a2bdf38b7db98bbfaa9d7112a8de19223cf02a3d43040aeced3e415bc86e8f5b90337d2

    • SSDEEP

      3072:NGqTvLbdHHEeusRqXuEq4ymYq3vq6cAPgBqbN/hxVZ02/isjQn1DrvVP1YkrzpiI:RlkHbCcq6caaq9DVS9vV9YOz

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks