General

  • Target

    a7672e3d16080e9b9df498dc6b4548ef261dbed91e8ba371f8157e20071e652c

  • Size

    272KB

  • Sample

    241111-d7txqs1ncw

  • MD5

    8e569f6243c7d766cf8ab6b6c3a8c15a

  • SHA1

    8eccc786004b978e8984ce7af473ab8da2cad95f

  • SHA256

    a7672e3d16080e9b9df498dc6b4548ef261dbed91e8ba371f8157e20071e652c

  • SHA512

    6e2c8a9102745e57f8fbb86ff80d5748356777a6b054b2f5a0bcbca6307db66416b30831561e229598ced9fad479844110829612dbfd1ae70cd1cd6209998a9b

  • SSDEEP

    3072:A6joELz6lmfCJRNa0UcAO0kk+aVpvLV9Kno40NQnLhFNnTrOafMfxNn2pU9f2MK+:A6jsJaDcATkk+anvLVozLhHnR

Malware Config

Extracted

Family

redline

Botnet

rodik

C2

193.233.20.23:4124

Attributes
  • auth_value

    59b6e22e7cfd9b5fa0c99d1942f7c85d

Targets

    • Target

      a7672e3d16080e9b9df498dc6b4548ef261dbed91e8ba371f8157e20071e652c

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
