General

  • Target

    7e78fd15e8355c9b0ff251e6c69508bf35970927

  • Size

    334KB

  • Sample

    241109-zm4r4a1mcw

  • MD5

    95a26c242263f46ce991520ea6be3367

  • SHA1

    7e78fd15e8355c9b0ff251e6c69508bf35970927

  • SHA256

    bb2d56f21076ce9c61e4bb1303ef8e2221faf7e4517251b2f639145377a66016

  • SHA512

    feabbaca822c4a940c9b036fbf1874a896fd3c4d795cdc3289b69e84bb84912d5ece383731606f90c54aba53904a98c119b8f48b85d7bee751f59ab7e333b7f8

  • SSDEEP

    6144:m7jf+QgmziU/eOBSk4mc1NuQucmZfyNIQLPiGolSppqDaBaoEg2BKgfBc:m2ouU/xX49cJcmZaBLnbsaIoR2BKgO

Malware Config

Extracted

Family

redline

Botnet

neruzki

C2

193.106.191.22:47242

Attributes

  • auth_value

    be14ae67c6dd227f622680a27ea42452
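Before acting on a report like this one, a practitioner wants two things: proof that the file on disk is the file the report describes (every listed hash must match, not just one), and the extracted config turned into indicators that survive a garbled extraction. The script below is an added example and is not part of the sandbox output or of any analysis tooling; the REPORT values are copied from the General and Malware Config sections above, while the sample bytes, the `FakeReport` used for the self-check and the Suricata `sid` are constructed assumptions.

```python
"""Verify a local sample against a sandbox report's hashes and normalise the
extracted RedLine config (C2, botnet, auth_value) into usable IOCs.
Added example; report values copied from the page, everything else assumed."""
import hashlib
import ipaddress

# Copied from the report's General and Malware Config sections.
REPORT = {
    "md5": "95a26c242263f46ce991520ea6be3367",
    "sha1": "7e78fd15e8355c9b0ff251e6c69508bf35970927",
    "sha256": "bb2d56f21076ce9c61e4bb1303ef8e2221faf7e4517251b2f639145377a66016",
    "family": "redline",
    "botnet": "neruzki",
    "c2": ["193.106.191.22:47242"],
    "auth_value": "be14ae67c6dd227f622680a27ea42452",
}

HASH_ALGOS = ("md5", "sha1", "sha256")


def hash_bytes(data: bytes) -> dict:
    """Compute the same digests the report lists, over bytes already in memory."""
    return {algo: hashlib.new(algo, data).hexdigest() for algo in HASH_ALGOS}


def verify_sample(data: bytes, report: dict) -> dict:
    """Compare every hash in the report with the locally computed one.

    Returns {algo: bool}. Any False means the file you hold is not the file
    the report analysed (wrong download, re-packed copy, truncated transfer),
    so none of the extracted config should be attributed to it."""
    computed = hash_bytes(data)
    return {algo: computed[algo] == report[algo].lower() for algo in HASH_ALGOS}


def parse_c2(entry: str) -> tuple:
    """Split an 'ip:port' string as emitted by the config extractor.

    Only literal IPv4/IPv6 addresses with a valid port are accepted; anything
    else raises, so a mangled extraction cannot silently become a bad block
    rule. IPv6 literals may be bracketed, e.g. '[::1]:443'."""
    host, sep, port = entry.rpartition(":")
    if not sep:
        raise ValueError(f"no port in C2 entry {entry!r}")
    addr = ipaddress.ip_address(host.strip("[]"))  # raises on non-literal hosts
    port_num = int(port)
    if not 0 < port_num < 65536:
        raise ValueError(f"port out of range in C2 entry {entry!r}")
    return str(addr), port_num


def build_iocs(report: dict, base_sid: int = 1000001) -> dict:
    """Normalise the extracted config into an IOC record.

    base_sid is an assumed starting rule id for the generated Suricata rules;
    pick one from your own local-rule range in practice."""
    c2 = [parse_c2(entry) for entry in report["c2"]]
    rules = [
        f'alert tcp $HOME_NET any -> {ip} {port} '
        f'(msg:"{report["family"]} C2 ({report["botnet"]})"; '
        f"sid:{base_sid + i}; rev:1;)"
        for i, (ip, port) in enumerate(c2)
    ]
    return {
        "family": report["family"],
        "botnet": report["botnet"],
        "auth_value": report["auth_value"],
        "c2": c2,
        "hashes": {algo: report[algo] for algo in HASH_ALGOS},
        "suricata": rules,
    }


if __name__ == "__main__":
    # Constructed stand-in for a file on disk; it will (correctly) fail to match.
    sample = b"not the real sample"
    print(verify_sample(sample, REPORT))
    for rule in build_iocs(REPORT)["suricata"]:
        print(rule)
```

The hash check deliberately reports every algorithm rather than short-circuiting on the first match: a report where MD5 matches but SHA256 does not is a sign of a tampered or mislabelled record, not a pass.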

Targets

    • Target

      ea107aced2f858b3925ac4e522693bba0ea0c7d16ef4580ca5cb15a69f2e487a

    • Size

      503KB

    • MD5

      5a343e4f13973c6073796f698fbc4285

    • SHA1

      f43350424f202d52bde79767e0d65514b88f0013

    • SHA256

      ea107aced2f858b3925ac4e522693bba0ea0c7d16ef4580ca5cb15a69f2e487a

    • SHA512

      08b4a3730bd54223e641ef1b415cd6922a0c8c71a2324150f59cccb30493f3a7096a42e38ad839da650ef440d98920cd383b0bae8eb710f3a7c581f76345658b

    • SSDEEP

      12288:waWyAf4xN2mN4rcJemZarLHbQs/tGi6DI+6:wajLx9NMcJeCaPb3tGiw6

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks