General

  • Target

    6cd549c8d4e3082093a0c2ffac2db9b8333389eb8867726a3f82517dd40a8dcc

  • Size

    304KB

  • Sample

    241110-bjk9kswepg

  • MD5

    1c4a1b2dc257af4e460938beedeff1f6

  • SHA1

    2c1edfe0844e626356243dd98d677af72c635b8e

  • SHA256

    6cd549c8d4e3082093a0c2ffac2db9b8333389eb8867726a3f82517dd40a8dcc

  • SHA512

    88473aa002bcf14fa447cc9b9496293afe16ac03a9135a30600fc7bb112624fbae75a54ea2f61dc275522a2b117500e6143f0f32d78118d5e7832267848700ba

  • SSDEEP

    6144:HJuJpYRTBgx//G370F+KYZWFfcMulOfFm7MrA8gQ2peYFs3E0jvJQO:HJm6TBA/G4F/CyfQeFXKQ2cpU0jJQO

Malware Config

Extracted

  • Family

    redline

  • Botnet

    nokia

  • C2

    31.41.244.198:4083

  • Attributes

    • auth_value

      3b38e056d594ae0cf1368e6e1daa3a4e

Targets

    • Target

      e6d50171c3cf103623f8e329142ffb7782ede547fe1eb128a81e7edd4a88c790

    • Size

      404KB

    • MD5

      fd06a1624dc8490c5904fca4da4fbab6

    • SHA1

      405eecfcf972943fdc13243075f736010ea82615

    • SHA256

      e6d50171c3cf103623f8e329142ffb7782ede547fe1eb128a81e7edd4a88c790

    • SHA512

      8fa0c6fa22045383a541195544268a25a72a0e682cf7be8b82094152e0a044f6a3da401f10a75ed45a5e2e637d106288fda143e5470bb3209e3f237a80bf5a4e

    • SSDEEP

      6144:KlLJz+AeTP0eZx//G370D+KYZWFfQMulWfFm79wih2oLqRUcrHz+3ng+E49Hwchm:Kl1+AW/G4D/Cyf86F+rL9cvwnVZH9P3

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks