General

  • Target: 03501cfc4db253e65a98356cc7e59384e3b73c61f9b7c4c4232b8ee5b6339d75.exe
  • Size: 272KB
  • Sample: 241110-yq6v7axkeq
  • MD5: ddebf7ad479c2df293db0979fcaa5f9c
  • SHA1: b60244e768068a39f42a06012ebe6ff0ea1e3c11
  • SHA256: 03501cfc4db253e65a98356cc7e59384e3b73c61f9b7c4c4232b8ee5b6339d75
  • SHA512: e207d5c1ad922ca1aa4c1f5316868003e9d755d5219315aed544f238e64954e7daad861cfee917075bf1faa08b50262ef2c55900d49447b42ce02a3845868a19
  • SSDEEP: 3072:A6joELz6lmfCJRNa0UcAO0kk+aVpvLV9Kno40NQnLhFNnTrOafMfxNn2pU9f2MKw:A6jsJaDcATkk+anvLVozLhHnR4

Malware Config

Extracted

  • Family: redline
  • Botnet: rodik
  • C2: 193.233.20.23:4124
  • Attributes
      • auth_value: 59b6e22e7cfd9b5fa0c99d1942f7c85d

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks