General

  • Target

    a7fd8ce59e77c17b59387dd6946e22f66fd7cd33

  • Size

    373KB

  • Sample

    241109-zfqxna1khy

  • MD5

    7274a10abbe93d84b708c56043e60cc0

  • SHA1

    a7fd8ce59e77c17b59387dd6946e22f66fd7cd33

  • SHA256

    cf162b47a5431e4d9cc14b90c18a9b7038947619ade52865b84fba8ddeb3d9ff

  • SHA512

    6fa1e735dba6e3a862cdcf2950b70111c8822439058a872203931c15a372d55d7585cd5b05628cb4c796c6de0c8e4049460d4e4f04359925998798b85fb8b771

  • SSDEEP

    6144:WjEgPPZaX49i8HQskcmF+PsVzaBZ0kQYEPIDWg7DTtg+2Od:kEgHs4ECQsk0spIVQYMSDTt7

Malware Config

Extracted

Family

redline

Botnet

ww

C2

193.106.191.67:44400

Attributes
  • auth_value

    5a1b28ccd05953f5c3f99729c12427cc

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
