General

  • Target

    dd5d7f365791d4f2a891e2c8c5308b1d54f3fb2462b82a8160d6a6a936a0867a

  • Size

    378KB

  • Sample

    241109-zxf4savndm

  • MD5

    270e6a2d640ba0a533b5b835779d2c47

  • SHA1

    ee466c602d2a08c51a9ad7e52e1d19611122fc2e

  • SHA256

    dd5d7f365791d4f2a891e2c8c5308b1d54f3fb2462b82a8160d6a6a936a0867a

  • SHA512

    97d7b8daa98419d1034c27dfcb3f4c95213b8ae90290bdabd8e0ccff4bda082123b54e36a9467330fd15d8488af12fc8f6dcbe50c7e88a1e3f9bbdfe1be3a9cb

  • SSDEEP

    6144:N2llpLe6/v2vRQhQeTNBDsnRZczcTocYI8eSfuIleN:NalpS6/KmAnRZY0Yw

Malware Config

Extracted

Family

redline

Botnet

ww

C2

193.106.191.67:44400

Attributes
  • auth_value

    5a1b28ccd05953f5c3f99729c12427cc

Targets

    • Target

      dd5d7f365791d4f2a891e2c8c5308b1d54f3fb2462b82a8160d6a6a936a0867a

    • Size

      378KB

    • MD5

      270e6a2d640ba0a533b5b835779d2c47

    • SHA1

      ee466c602d2a08c51a9ad7e52e1d19611122fc2e

    • SHA256

      dd5d7f365791d4f2a891e2c8c5308b1d54f3fb2462b82a8160d6a6a936a0867a

    • SHA512

      97d7b8daa98419d1034c27dfcb3f4c95213b8ae90290bdabd8e0ccff4bda082123b54e36a9467330fd15d8488af12fc8f6dcbe50c7e88a1e3f9bbdfe1be3a9cb

    • SSDEEP

      6144:N2llpLe6/v2vRQhQeTNBDsnRZczcTocYI8eSfuIleN:NalpS6/KmAnRZY0Yw

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks