General

  • Target

    4e61279b1e230bb4e431a295b074ebbe

  • Size

    449KB

  • Sample

    241110-bkkpfayphm

  • MD5

    4e61279b1e230bb4e431a295b074ebbe

  • SHA1

    aef4a3041c86b881c04461cebb6eb8ac7d052aff

  • SHA256

    24fdffbb00ab949a1197b14652cd6aba3e520600961774bd42a48b7b33763a21

  • SHA512

    df749516a7c28eb099f33395e3bc3b4d584b80e0ce32b099053181bdfe29ead5daa750cc7a484da94427bcede79cb367951e65fcd33c3f8ab0ee9ad678219c63

  • SSDEEP

    12288:93gN5CAoWLUcJzYzwW0T9M6K9onLx0WcBM:HAoWoOW0hM6TnLxMM

Malware Config

Extracted

  • Family

    redline

  • Botnet

    ww

  • C2

    193.106.191.67:44400

  • Attributes

    • auth_value

      5a1b28ccd05953f5c3f99729c12427cc

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks