General

  • Target: 0b9019d00d0f416d854fc2751fa8b0b16925c7c243bd01a00f7f7ff5dbe39798
  • Size: 168KB
  • Sample: 241110-x8hqmstbrj
  • MD5: b66964efa9ef2d5501090c0240324cb1
  • SHA1: 8182771e5eea61478e794affa57bbf03e9562957
  • SHA256: 0b9019d00d0f416d854fc2751fa8b0b16925c7c243bd01a00f7f7ff5dbe39798
  • SHA512: 6b8de32b7bdfac8a7ad1033de35b47cde4e0e35f7cae8c953a7929b6962477bcba972ac28a90a4207b1edade1caf3a7b46f23ce8b19bcad4df00d88e44d8bfa9
  • SSDEEP: 1536:Eq24CeDYZ5QqlVZRGWoysHrt3la3cOo+TGqV0buhoxW7/C6gX83wYk/8e8hK:EObYH2HaXEqVMVxI/C6gXh8e8hK

Malware Config

Extracted

  • Family: redline
  • Botnet: daris
  • C2: 217.196.96.56:4138
  • Attributes
    • auth_value: 3491f24ae0250969cd45ce4b3fe77549

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
