General

  • Target

    267701b16f862fee8ccb3fc2af4c8ae4c10659170881fe4e6a1da1decf3bcad6

  • Size

    730KB

  • Sample

    241110-mln9ssvgnd

  • MD5

    b857fe8fdaf9b23c50f6de0c77c84e5d

  • SHA1

    c04d9d4ac22e96bea3a3a8575df64ade2a1d0a2b

  • SHA256

    267701b16f862fee8ccb3fc2af4c8ae4c10659170881fe4e6a1da1decf3bcad6

  • SHA512

    0141660f48e818939e01e969c46a8156af92533d3de77b229d41e803904a1cd23cc8eceadb3e664c375ac2d69d257d856f75592a4f5ee987c134106210cf8362

  • SSDEEP

    12288:YMrBy90BHqNmXvrJkC+FEwp6ZwPlTJ9FqCCHsg98yUdDNi6G8VzFRHL4pswkp:JySHq8/lr+F56ZwTFgmFN6Wwkp

Malware Config

Extracted

Family

redline

Botnet

dars

C2

83.97.73.127:19045

Attributes

  • auth_value

    7cd208e6b6c927262304d5d4d88647fd

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

    • Executes dropped EXE

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks