General

  • Target: ef502722e76f66cfe93e458ab9462786f9b3b5d53df788860a38fafbfdae6484
  • Size: 552KB
  • Sample: 241110-zx6dnsvepr
  • MD5: eae0ec4259bebba7baa281352f877ea8
  • SHA1: 9e5428a22fd8c1b40474700e97c85e676b1e5985
  • SHA256: ef502722e76f66cfe93e458ab9462786f9b3b5d53df788860a38fafbfdae6484
  • SHA512: de256de4802b4973661e6b866866f00fe00690909b1322c06dc639463010e65aef0c67542f6469711316a8fefe2a8825a328ad20845b54b8f157a23147033030
  • SSDEEP: 12288:KMrcy903aIT+uR287E0/ehlDZh552f4xh:Ky0X+uI87devLbCq

Malware Config

Extracted

  • Family: redline
  • Botnet: fusa
  • C2: 193.233.20.12:4132
  • Attributes
    • auth_value: a08b2f01bd2af756e38c5dd60e87e697

Targets

    • Target: ef502722e76f66cfe93e458ab9462786f9b3b5d53df788860a38fafbfdae6484 (hashes as listed under General above)

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

    • Executes dropped EXE

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks