General

  • Target

    973ab92d5733a9dfcf5501d572930d08ac1ed174c0875ffa95ac23962c5e14c8

  • Size

    473KB

  • Sample

    241111-e28dlstaqd

  • MD5

    ff80564d07215aa1507e132760f98646

  • SHA1

    45de7312f6f703b717e629240680384ac10165e1

  • SHA256

    973ab92d5733a9dfcf5501d572930d08ac1ed174c0875ffa95ac23962c5e14c8

  • SHA512

    23aa303edfc1dfdc7e8a3800e9de7f331fcc2bdbea4b879aec17cf71639c0e5c10738339dee29e85ffa245639bd675beb110c7081e53253d396fa1c0e6eaf184

  • SSDEEP

    12288:uMrMy907Xc8V5sQoyIho+V5wTIqFvXif:OyAXlVNodo+v9ok

Malware Config

Extracted

Family

redline

Botnet

fusa

C2

193.233.20.12:4132

Attributes
  • auth_value

    a08b2f01bd2af756e38c5dd60e87e697
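
The extracted configuration above is the part of this report that turns directly into hunting checks. The Python below is an added example, not part of the sandbox report or of the RedLine sample: it matches the C2 host and port against a constructed connection log (the space-separated log layout is an assumption), verifies a file's MD5/SHA1/SHA256 against the reported digests, and searches dumped strings for the auth_value. The sample log lines, the empty-input test bytes and the function names are constructed for illustration.

```python
"""Hunting checks built from the RedLine config extracted in this report.

Added example; indicator values are copied from the report, the log format
and sample data are constructed assumptions.
"""
import hashlib
import re

# Indicators copied from the Malware Config and General sections.
REDLINE_C2_HOST = "193.233.20.12"
REDLINE_C2_PORT = 4132
REDLINE_AUTH_VALUE = "a08b2f01bd2af756e38c5dd60e87e697"
SAMPLE_HASHES = {
    "md5": "ff80564d07215aa1507e132760f98646",
    "sha1": "45de7312f6f703b717e629240680384ac10165e1",
    "sha256": "973ab92d5733a9dfcf5501d572930d08ac1ed174c0875ffa95ac23962c5e14c8",
}

# Constructed connection log (assumed layout:
# "ts src_ip src_port dst_ip dst_port proto"), not from the report.
SAMPLE_CONN_LOG = """\
1731310001.100 10.0.0.5 51432 193.233.20.12 4132 tcp
1731310002.200 10.0.0.7 51433 8.8.8.8 53 udp
1731310003.300 10.0.0.9 51434 193.233.20.12 443 tcp
1731310004.400 10.0.0.5 51435 193.233.20.13 4132 tcp
garbage line that should be skipped
"""

CONN_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<src>\S+)\s+(?P<sport>\d+)\s+"
    r"(?P<dst>\S+)\s+(?P<dport>\d+)\s+(?P<proto>\S+)$"
)


def c2_matches(log_text, host=REDLINE_C2_HOST, port=REDLINE_C2_PORT):
    """Scan connection log lines for the reported C2.

    Returns {"exact": [...], "host_only": [...]}: "exact" is host and port
    as extracted; "host_only" is the same host on another port, kept for
    review rather than dropped. Each entry is (ts, src_ip, dst_port).
    """
    exact, host_only = [], []
    for line in log_text.splitlines():
        m = CONN_RE.match(line.strip())
        if not m:
            continue  # malformed line: skip it, do not abort the whole scan
        if m["dst"] != host:
            continue
        rec = (m["ts"], m["src"], int(m["dport"]))
        if int(m["dport"]) == port:
            exact.append(rec)
        else:
            host_only.append(rec)
    return {"exact": exact, "host_only": host_only}


def hash_bytes(data):
    """Compute the three digests the report lists for a file's bytes."""
    return {name: hashlib.new(name, data).hexdigest()
            for name in ("md5", "sha1", "sha256")}


def matches_sample(data, known=SAMPLE_HASHES):
    """True only when every digest agrees with the report.

    Requiring all three catches a mistyped or partially copied IOC as well
    as a genuinely different file.
    """
    got = hash_bytes(data)
    return all(got[name] == digest for name, digest in known.items())


def auth_value_hits(strings, auth_value=REDLINE_AUTH_VALUE):
    """Case-insensitive search of dumped strings for the auth_value."""
    needle = auth_value.lower()
    return [s for s in strings if needle in s.lower()]


if __name__ == "__main__":
    print(c2_matches(SAMPLE_CONN_LOG))
    print(matches_sample(b"not the reported sample"))
    print(auth_value_hits(["benign", "A08B2F01BD2AF756E38C5DD60E87E697=1"]))
```

The host-only bucket exists because a C2 host is frequently reused on other ports by later builds, so a connection to 193.233.20.12 on a port other than 4132 is worth an analyst's look even though it is not the extracted indicator. The hash check deliberately refuses a partial match.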

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

    • Executes dropped EXE

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks