General

  • Target

    2cac686d4965d0c05bebe7bff71aaf0b60e50c9fc8d52e2a8c3c018fb0dd1871

  • Size

    337KB

  • Sample

    241110-h2ctgssckm

  • MD5

    ab755867523cc3d903d92f3c328954df

  • SHA1

    d72d7a3fcc1fb7f2318f6b5f5d9ade8da01e02b3

  • SHA256

    2cac686d4965d0c05bebe7bff71aaf0b60e50c9fc8d52e2a8c3c018fb0dd1871

  • SHA512

    ddff701a4d5ba9d479adf831341f6a489dc4660099b113496bdeeec1dd5fde3efd6f6e910943493b78e6f59f1d6bdb6fdf8886a75fdeedb09e8dc3f8d16e658e

  • SSDEEP

    6144:nbDQmioYCCAYp5fRZOVANlZ1iJ5ZccG7uMR9NX23BoIgPEDZCO4lw1JedPlC:nbDQ7LpDcVAN1lDm3BoIgPEDZCO4lw1H

Malware Config

Extracted

Family

redline

Botnet

24.01

C2

37.220.86.164:29170

Attributes
  • auth_value

    1c7f0aa21138601b5201a3a4a0123991

Targets

    • Target

      2cac686d4965d0c05bebe7bff71aaf0b60e50c9fc8d52e2a8c3c018fb0dd1871

    • Size

      337KB

    • MD5

      ab755867523cc3d903d92f3c328954df

    • SHA1

      d72d7a3fcc1fb7f2318f6b5f5d9ade8da01e02b3

    • SHA256

      2cac686d4965d0c05bebe7bff71aaf0b60e50c9fc8d52e2a8c3c018fb0dd1871

    • SHA512

      ddff701a4d5ba9d479adf831341f6a489dc4660099b113496bdeeec1dd5fde3efd6f6e910943493b78e6f59f1d6bdb6fdf8886a75fdeedb09e8dc3f8d16e658e

    • SSDEEP

      6144:nbDQmioYCCAYp5fRZOVANlZ1iJ5ZccG7uMR9NX23BoIgPEDZCO4lw1JedPlC:nbDQ7LpDcVAN1lDm3BoIgPEDZCO4lw1H

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks