General

  • Target

    603e885b3068a13f9831fe3a6947cab6

  • Size

    373KB

  • Sample

    241109-zfcp2a1khs

  • MD5

    603e885b3068a13f9831fe3a6947cab6

  • SHA1

    989d7f7de674ff4fb3d08ae8de5b4b2cb011b37f

  • SHA256

    93aed7b091129840fe3446af394b17902c52382e004455bac40916438644c1a5

  • SHA512

    785c9a9b0299877a3eefce96148f503df61132e58cb9a8bd3dce641f4a9a479c6f3b570997f71ec5ac8bb829c24d2f45caf6a07714b85af31bc1a27f9e2bcb74

  • SSDEEP

    6144:PEgSTsQoPSeYmSi3luWQfDCS9I54qlRZetuHs7:PEgS4QPerwvfDCso/TH

Malware Config

Extracted

Family

redline

Botnet

ww

C2

193.106.191.67:44400

Attributes
  • auth_value

    5a1b28ccd05953f5c3f99729c12427cc
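The extracted config above yields one network IOC (the C2 endpoint) and the General section yields file hashes. The script below is an added example, not part of the sandbox report or of any Triage tooling: it parses the C2 string with validation, emits a Suricata rule for outbound flows to it, hunts for that endpoint in Zeek conn.log output, and checks a sample on disk against the reported MD5/SHA1/SHA256. The conn.log excerpt is constructed test data, and the Suricata SID is an assumed local value.

```python
"""RedLine sandbox report: turn the extracted config into IOCs and hunt for them.

Added example, not part of the original sandbox report. The only values taken
from the report are the hashes, the C2 endpoint, botnet ID and auth_value; the
Zeek conn.log lines below are CONSTRUCTED test data, not captured traffic.
"""
import hashlib
import ipaddress
from dataclasses import dataclass

# Values copied from the report's "Malware Config" and "General" sections.
REPORT = {
    "family": "redline",
    "botnet": "ww",
    "c2": "193.106.191.67:44400",
    "auth_value": "5a1b28ccd05953f5c3f99729c12427cc",
    "md5": "603e885b3068a13f9831fe3a6947cab6",
    "sha1": "989d7f7de674ff4fb3d08ae8de5b4b2cb011b37f",
    "sha256": "93aed7b091129840fe3446af394b17902c52382e004455bac40916438644c1a5",
}


@dataclass(frozen=True)
class C2:
    host: str
    port: int


def parse_c2(endpoint: str) -> C2:
    """Parse 'host:port'; reject anything that is not an IPv4 address plus a valid TCP port."""
    host, sep, port = endpoint.rpartition(":")
    if not sep:
        raise ValueError(f"no port in C2 endpoint {endpoint!r}")
    ipaddress.IPv4Address(host)  # raises AddressValueError (a ValueError) on garbage
    port_num = int(port)
    if not 1 <= port_num <= 65535:
        raise ValueError(f"port out of range: {port_num}")
    return C2(host, port_num)


def suricata_rule(c2: C2, sid: int, family: str, botnet: str) -> str:
    """Emit a Suricata rule alerting on any outbound TCP flow to the C2 (sid is an assumed local SID)."""
    return (
        f"alert tcp $HOME_NET any -> {c2.host} {c2.port} "
        f'(msg:"{family} C2 ({botnet}) outbound"; flow:to_server; '
        f"sid:{sid}; rev:1;)"
    )


def find_c2_flows(conn_log: str, c2: C2) -> list[dict]:
    """Scan a (simplified) Zeek conn.log for TCP flows whose responder is the C2 host:port.

    Expects tab-separated records preceded by a '#fields' header naming the columns.
    """
    hits = []
    fields = None
    for line in conn_log.splitlines():
        if line.startswith("#fields"):
            fields = line.split("\t")[1:]
            continue
        if not line or line.startswith("#"):
            continue
        if fields is None:
            raise ValueError("conn.log must start with a #fields header")
        rec = dict(zip(fields, line.split("\t")))
        if (rec["id.resp_h"] == c2.host and int(rec["id.resp_p"]) == c2.port
                and rec["proto"] == "tcp"):
            hits.append(rec)
    return hits


def verify_hashes(sample: bytes, report: dict) -> dict:
    """Return {algo: (expected, actual)} for every reported hash that does NOT match the bytes."""
    mismatches = {}
    for algo in ("md5", "sha1", "sha256"):
        actual = hashlib.new(algo, sample).hexdigest()
        if actual != report[algo]:
            mismatches[algo] = (report[algo], actual)
    return mismatches


# CONSTRUCTED conn.log excerpt: two flows to the reported C2, one benign HTTPS flow,
# and one flow to the C2 IP on a different port (must not match).
SAMPLE_CONN_LOG = "\n".join([
    "#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto",
    "1731110401.12\tCabc1\t10.0.0.5\t49212\t193.106.191.67\t44400\ttcp",
    "1731110402.55\tCabc2\t10.0.0.5\t49213\t142.250.74.78\t443\ttcp",
    "1731110403.01\tCabc3\t10.0.0.7\t51000\t193.106.191.67\t44400\ttcp",
    "1731110404.77\tCabc4\t10.0.0.7\t51001\t193.106.191.67\t80\ttcp",
])

if __name__ == "__main__":
    c2 = parse_c2(REPORT["c2"])
    print(suricata_rule(c2, sid=9000001, family=REPORT["family"], botnet=REPORT["botnet"]))
    for hit in find_c2_flows(SAMPLE_CONN_LOG, c2):
        print("C2 flow:", hit["uid"], hit["id.orig_h"], "->", hit["id.resp_h"], hit["id.resp_p"])
    # The sample bytes do not ship with this example; a placeholder buffer shows the mismatch shape.
    print("hash mismatches for placeholder buffer:", sorted(verify_hashes(b"not the sample", REPORT)))
```

The port check matters: the same IP on another port (the last constructed flow) is not evidence of this config, so it is deliberately left out of the hits, and the hash verification is what ties a file you pulled from a host back to this specific report before you trust its C2 as an indicator.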

Targets


    • RedLine

      RedLine Stealer is an information-stealing malware family written in C#, first seen in early 2020. It harvests browser credentials and cookies, cryptocurrency wallet data and host information and sends them to the C2 host and port embedded in its configuration, which is what the extracted config above records.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks