General

  • Target

    2881554e8dec19dd21c5c8620ced0884b102d9a028ceaad6fe8e635841f3f737

  • Size

    272KB

  • Sample

    241110-w9j5essglf

  • MD5

    c4dd9656540ca56208dcd03c8f474c34

  • SHA1

    a7e8d1b78ea413ed041fda877dc89b7d13f03857

  • SHA256

    2881554e8dec19dd21c5c8620ced0884b102d9a028ceaad6fe8e635841f3f737

  • SHA512

    51a7cdd05cef847c66ea843c424ff040c670c9d09aca661f482b9027d40f812244fcfa94fb22678b6a613367e1bb810965c02743d5d2da5c4c0eee1d0fd8d543

  • SSDEEP

    3072:p6j4ELH6Vt7CENpmh6sLKR+utY/edHbpiWo40mTJghm0nlQoYKgQmExNn2pU9f2U:p6jgppZsLKwuAexbpZghdnlQH5Q/

Malware Config

Extracted

Family

redline

Botnet

romik

C2

193.233.20.12:4132

Attributes

  • auth_value

    8fb78d2889ba0ca42678b59b884e88ff

Targets

    • Target

      2881554e8dec19dd21c5c8620ced0884b102d9a028ceaad6fe8e635841f3f737

    • Size

      272KB

    • MD5

      c4dd9656540ca56208dcd03c8f474c34

    • SHA1

      a7e8d1b78ea413ed041fda877dc89b7d13f03857

    • SHA256

      2881554e8dec19dd21c5c8620ced0884b102d9a028ceaad6fe8e635841f3f737

    • SHA512

      51a7cdd05cef847c66ea843c424ff040c670c9d09aca661f482b9027d40f812244fcfa94fb22678b6a613367e1bb810965c02743d5d2da5c4c0eee1d0fd8d543

    • SSDEEP

      3072:p6j4ELH6Vt7CENpmh6sLKR+utY/edHbpiWo40mTJghm0nlQoYKgQmExNn2pU9f2U:p6jgppZsLKwuAexbpZghdnlQH5Q/

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks