General

  • Target

    8b0d2e2465676b9923f6577a3747f70de5763405a90c3dce6278e4e794d4d307

  • Size

    272KB

  • Sample

    241110-bf48aawdkl

  • MD5

    dedcb344a34b09437e5c846d6d3818d7

  • SHA1

    4447535d0cd7c337a13eeaabf30d4c7015f26d2c

  • SHA256

    8b0d2e2465676b9923f6577a3747f70de5763405a90c3dce6278e4e794d4d307

  • SHA512

    f44064e176c6d3ed5a51b66d4a5d9501085a13d5bc6958a4ff0664681d78e57a69aa74455239e16034cb1de4872959ade7c5652495c9236ce996bd5b8e1911b0

  • SSDEEP

    3072:A6joELz6lmfCJRNa0UcAO0kk+aVpvLV9Kno40NQnLhFNnTrOafMfxNn2pU9f2MK+:A6jsJaDcATkk+anvLVozLhHnR

Malware Config

Extracted

Family

redline

Botnet

rodik

C2

193.233.20.23:4124

Attributes

  • auth_value

    59b6e22e7cfd9b5fa0c99d1942f7c85d

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks