General

  • Target

    335bb87370b9ba4f8760a2bbc115420d25c5f6188eeac3e594755326559ddfaf

  • Size

    385KB

  • Sample

    241109-zxjjxavndn

  • MD5

    00370217c8c088918ba767eb1ae29b6d

  • SHA1

    97a3d10dfb2ad99234392f4ceffa14696d1ee480

  • SHA256

    335bb87370b9ba4f8760a2bbc115420d25c5f6188eeac3e594755326559ddfaf

  • SHA512

    87d96527a6faabddf4b9447dc65d1ab02603d33041c2363ead8c3add006de61aa4257f1bbce54807534ebebe84aef4fbe7200dc662ab68b7feb01392d90176b0

  • SSDEEP

    6144:JCO1Vq3dMOSZAqd1tggP/hxzXW3jR3koT6YjfS2Tfm:sO1Vq3GOSSqdngq/XzmhkoT6cSEm

Malware Config

Extracted

Family

redline

Botnet

boris

C2

193.233.20.32:4125

Attributes

  • auth_value

    766b5bdf6dbefcf7ca223351952fc38f

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks