General

  • Target

    b6778612f98927378e6774add3c2d5de0a8c052d1e360d18071796e02a2b22d4

  • Size

    477KB

  • Sample

    241110-t1tldstncq

  • MD5

    b47d1e1b698974f3461e37b60c321b8f

  • SHA1

    feb285e5a74819854ad5786533326740fe8a46d7

  • SHA256

    b6778612f98927378e6774add3c2d5de0a8c052d1e360d18071796e02a2b22d4

  • SHA512

    71424ae2c3aaba778c217abd85714a80b0d434cb815f3e8e485b8fd35b03dfbdcf75ffef72001dc0e485d85d7a2c9c042208c43533a754ecbf28add21f4eb5d6

  • SSDEEP

    12288:eMrEy90/s7K0V6YinUlR9pIPAZ4/bcn3ZwE4tn:iy4YvVV1pIPW4zcnpwDn

Malware Config

Extracted

Family

redline

Botnet

fusa

C2

193.233.20.12:4132

Attributes

  • auth_value

    a08b2f01bd2af756e38c5dd60e87e697

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

    • Executes dropped EXE

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks