General

  • Target

    97bc2bd29f13b7d2122fefa497e1f7e80348aed160cea6e13b26944804b63d3e

  • Size

    373KB

  • Sample

    241110-awag6svhqp

  • MD5

    22f5ea53e2797f33c895ec36e52fde2c

  • SHA1

    c03f2a322740eee687b41173c1d4419fa535d814

  • SHA256

    97bc2bd29f13b7d2122fefa497e1f7e80348aed160cea6e13b26944804b63d3e

  • SHA512

    c2732e64873ffedc6479e535f2d002c90ecc7139defa05ff4db168b09be7f09f94add14942c52280f7d8fa2b6e48dbbe5d46decc9e7d4eca491b65645b97f4ab

  • SSDEEP

    6144:PEgSTsQoPSeYmSi3luWQfDCS9I54qlRZetuHs7:PEgS4QPerwvfDCso/TH

Malware Config

Extracted

Family

redline

Botnet

ww

C2

193.106.191.67:44400

Attributes
  • auth_value

    5a1b28ccd05953f5c3f99729c12427cc
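The two things a responder usually does with a report like this are to confirm that a file on disk is the same sample (recompute the digests listed under General and compare all four) and to sweep network logs for the extracted C2 endpoint. The snippet below is an added example written for this page, not code from the sandbox or from the report; the hash values and the C2 address are the ones listed above, while the log lines and the `src -> dst:port` log shape are constructed for illustration.

```python
"""IOC checks for the RedLine report above (added example, not part of the report)."""
import hashlib
import re
from typing import Dict, Iterable, List, Tuple

# Indicators copied verbatim from the report.
REPORT_HASHES = {
    "md5": "22f5ea53e2797f33c895ec36e52fde2c",
    "sha1": "c03f2a322740eee687b41173c1d4419fa535d814",
    "sha256": "97bc2bd29f13b7d2122fefa497e1f7e80348aed160cea6e13b26944804b63d3e",
    "sha512": "c2732e64873ffedc6479e535f2d002c90ecc7139defa05ff4db168b09be7f09f"
              "94add14942c52280f7d8fa2b6e48dbbe5d46decc9e7d4eca491b65645b97f4ab",
}
C2_HOST = "193.106.191.67"
C2_PORT = 44400


def digest_bytes(data: bytes) -> Dict[str, str]:
    """Compute the same four digests the report lists, for in-memory data."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORT_HASHES}


def digest_file(path: str, chunk_size: int = 1 << 20) -> Dict[str, str]:
    """Stream a file through all four hashes in one pass (no full read into memory)."""
    hashers = {name: hashlib.new(name) for name in REPORT_HASHES}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def matches_report(digests: Dict[str, str]) -> Dict[str, bool]:
    """Per-algorithm comparison against the report; case-insensitive on hex."""
    return {name: digests.get(name, "").lower() == value
            for name, value in REPORT_HASHES.items()}


def is_reported_sample(digests: Dict[str, str]) -> bool:
    """Only treat the file as this sample when all four digests agree."""
    return all(matches_report(digests).values())


# Constructed log lines (hypothetical format: "<ts> conn <src>:<sport> -> <dst>:<dport> <proto>").
SAMPLE_LOG = """\
2024-11-10T08:12:01Z conn 10.0.0.21:51022 -> 193.106.191.67:44400 tcp
2024-11-10T08:12:02Z conn 10.0.0.21:51023 -> 142.250.74.78:443 tcp
2024-11-10T08:12:07Z conn 10.0.0.35:49877 -> 193.106.191.67:80 tcp
2024-11-10T08:12:09Z conn 10.0.0.35:49880 -> 193.106.191.67:44400 tcp
"""

CONN_RE = re.compile(
    r"(?P<src>\d{1,3}(?:\.\d{1,3}){3}):\d+ -> (?P<dst>\d{1,3}(?:\.\d{1,3}){3}):(?P<port>\d+)"
)


def find_c2_connections(lines: Iterable[str], host: str = C2_HOST, port: int = C2_PORT,
                        any_port: bool = False) -> List[Tuple[str, str]]:
    """Return (line, source_ip) for every line whose destination is the C2.

    any_port=True widens the sweep to all traffic to the C2 host, which is worth
    running as a second pass because the operator may rotate the port.
    """
    hits = []
    for line in lines:
        m = CONN_RE.search(line)
        if not m or m.group("dst") != host:
            continue
        if not any_port and int(m.group("port")) != port:
            continue
        hits.append((line.strip(), m.group("src")))
    return hits


if __name__ == "__main__":
    for line, src in find_c2_connections(SAMPLE_LOG.splitlines()):
        print(f"C2 contact from {src}: {line}")
    # For a real file: print(is_reported_sample(digest_file("suspect.exe")))
```

A hit on the exact host:port pair is the strongest signal; a hit on the host alone (`any_port=True`) still deserves a look, since the infrastructure is shared between the stealer's builds and the port in a given config is not guaranteed to be the only one in use.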

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks