General

  • Target

    a06d5fdca43f676bbed32b0d369d45f6265bd86a921215078e5f61d466a2687e

  • Size

    489KB

  • Sample

    241111-bv9fjszdmd

  • MD5

    3fd044e31bbca5fd7de875f96116e9f0

  • SHA1

    61820eddff99f84d45906ffc55f681daca5604e5

  • SHA256

    a06d5fdca43f676bbed32b0d369d45f6265bd86a921215078e5f61d466a2687e

  • SHA512

    56805b145a0e6b35c1b415d36d474c01019edd7b748a49200ece4e5cc1f229d0afefb6bba02a44b5af7c2b896c05b3779311d9ff09894bc442ab041338abb4b2

  • SSDEEP

    12288:FMrhy90zwy7miItztxx/egvZPJGnEg+HoL99D4s:Yyewp/pt2wZopwox9cs

Malware Config

Extracted

  • Family

    redline

  • Botnet

    dubur

  • C2

    217.196.96.102:4132

  • Attributes

    auth_value: 32d04179aa1e8d655d2d80c21f99de41

Targets

    • Target

      a06d5fdca43f676bbed32b0d369d45f6265bd86a921215078e5f61d466a2687e

    • Size

      489KB

    • MD5

      3fd044e31bbca5fd7de875f96116e9f0

    • SHA1

      61820eddff99f84d45906ffc55f681daca5604e5

    • SHA256

      a06d5fdca43f676bbed32b0d369d45f6265bd86a921215078e5f61d466a2687e

    • SHA512

      56805b145a0e6b35c1b415d36d474c01019edd7b748a49200ece4e5cc1f229d0afefb6bba02a44b5af7c2b896c05b3779311d9ff09894bc442ab041338abb4b2

    • SSDEEP

      12288:FMrhy90zwy7miItztxx/egvZPJGnEg+HoL99D4s:Yyewp/pt2wZopwox9cs

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

    • Executes dropped EXE

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15
