General

  • Target: 14b5d1fe2837ce66754d7f6e62126642ff66ade264e9f27dd9f0c7273866d151
  • Size: 449KB
  • Sample: 241110-bfc4ssypbr
  • MD5: 97eee7214a4d834f06b988bc1aa93647
  • SHA1: 28e56c76282daaee5ab5e16591e8cc0e41650d0f
  • SHA256: 14b5d1fe2837ce66754d7f6e62126642ff66ade264e9f27dd9f0c7273866d151
  • SHA512: ca987302b5b9cd6a242b61dab2d1fefb2858220bdbb49fc4242a3f0f5b922e30d04dfcee90a2476e6432d009b6c788eec967d726d79340c8f8da6e6b5eacca24
  • SSDEEP: 12288:93gN5CAoWLUcJzYzwW0T9M6K9onLx0WcBM:HAoWoOW0hM6TnLxMM

Malware Config

Extracted

  • Family: redline
  • Botnet: ww
  • C2: 193.106.191.67:44400
  • Attributes
    • auth_value: 5a1b28ccd05953f5c3f99729c12427cc

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks