General

  • Target

    7e7abc404ab4e99cce5cc516b94f8d37580f26752d4c72004106d35f87e15a70

  • Size

    372KB

  • Sample

    241110-b4lqvawlbv

  • MD5

    36ed6a4f345ad046a2f3326ae266976c

  • SHA1

    aa9da06b1dab845c3623d9a5aa31780e7184ec29

  • SHA256

    7e7abc404ab4e99cce5cc516b94f8d37580f26752d4c72004106d35f87e15a70

  • SHA512

    60f09ec4225626ac7cded327a53be05b5608d7f4df1f41dc21a0a24ac3fdf76cbc982714a2b473ea887ae0f2a991a0a6ca9736bd701fa46be49c5e19e32ac06e

  • SSDEEP

    6144:TEgBsmV8x0G9YfYxVvS1wvjNiaaLSjnA:TEg0BxYCEaa

Malware Config

Extracted

Family

redline

Botnet

ww

C2

193.106.191.67:44400

Attributes
  • auth_value

    5a1b28ccd05953f5c3f99729c12427cc

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
