General

  • Target: 3a24377b9629f248ad411c6bb888d083908c802521344862f1a65b2810ae0a56
  • Size: 874KB
  • Sample: 241110-bnpgssweml
  • MD5: 56482e6b0c9279e0b1eb7d2a9ac7e9e5
  • SHA1: cfdaa0219663ecd53f9e1ec44e8d367ae38f437c
  • SHA256: 3a24377b9629f248ad411c6bb888d083908c802521344862f1a65b2810ae0a56
  • SHA512: e67ee98b53a56053225f4660dad0b5a959cfecd6b15e7aa0ae67d3e70179bb75d1c2405aacc63d5862163f699c40f45e28a320a4685e78e53f67a8777c3381b4
  • SSDEEP: 24576:8yYMNn2JugxjvjSLt47WFrrnE4/aJkC6K3j5JMkxF4/di:rYMt2Ju2j+JBnJaJJ93jdod

Malware Config

Extracted

  • Family: redline
  • Botnet: dimas
  • C2: 185.161.248.75:4132

Attributes

  • auth_value: a5db9b1c53c704e612bccc93ccdb5539

Targets

    • RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

    • Executes dropped EXE

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks