General

  • Target

    df75abc319eed8d7d945bd86ab209e70d1e78802f9c5cbb5bc8b15073360a209

  • Size

    272KB

  • Sample

    241111-g33wmatmgy

  • MD5

    2d82481b0d769b23b207bd2f3647a1c3

  • SHA1

    39c4202450c618167cea9e783519ea8f18a4e4e1

  • SHA256

    df75abc319eed8d7d945bd86ab209e70d1e78802f9c5cbb5bc8b15073360a209

  • SHA512

    88f0ff5e38cdf28775592d0c20791b8fccc4d19333432d69f496e3566cedaf12038415c17c9ea220fe5cad098df0f10c21e6d9f0f80c2a6b4edf7f89d980da67

  • SSDEEP

    3072:p6j4ELH6Vt7CENpmh6sLKR+utY/edHbpiWo40mTJghm0nlQoYKgQmExNn2pU9f2v:p6jgppZsLKwuAexbpZghdnlQH5QO

Malware Config

Extracted

Family

redline

Botnet

romik

C2

193.233.20.12:4132

Attributes
  • auth_value

    8fb78d2889ba0ca42678b59b884e88ff
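
Working from the extracted config above, as an added example that is not part of the sandbox report: a small Python checker that computes the four listed digests for a candidate file and scans netflow-style connection records for the C2 endpoint. The hash values and the 193.233.20.12:4132 endpoint are copied from this page; the record format and the sample lines are constructed for the demonstration and do not come from any particular sensor. Fuzzy (SSDEEP) comparison is left out because it needs the third-party ssdeep library.

```python
"""Local IOC checker built from the RedLine config in this report.

Added example, not the sandbox's own code. Indicator values are copied
from the report; SAMPLE_FLOWS and its line format are constructed.
"""
import hashlib
import re

# Indicators copied from the report (botnet name, C2, file hashes).
REDLINE_IOC = {
    "family": "redline",
    "botnet": "romik",
    "c2_host": "193.233.20.12",
    "c2_port": 4132,
    "hashes": {
        "md5": "2d82481b0d769b23b207bd2f3647a1c3",
        "sha1": "39c4202450c618167cea9e783519ea8f18a4e4e1",
        "sha256": "df75abc319eed8d7d945bd86ab209e70d1e78802f9c5cbb5bc8b15073360a209",
        "sha512": "88f0ff5e38cdf28775592d0c20791b8fccc4d19333432d69f496e3566cedaf12"
                  "038415c17c9ea220fe5cad098df0f10c21e6d9f0f80c2a6b4edf7f89d980da67",
    },
}

HASH_ALGOS = ("md5", "sha1", "sha256", "sha512")


def digest_bytes(data: bytes) -> dict:
    """Compute the four digests the report lists, as lower-case hex."""
    return {algo: hashlib.new(algo, data).hexdigest() for algo in HASH_ALGOS}


def match_sample(data: bytes, ioc: dict = REDLINE_IOC) -> list:
    """Return the algorithms whose digest of `data` equals the report's value.

    An empty list means the bytes are not this sample (a repacked or
    re-signed build will have different hashes, so absence proves little).
    """
    digests = digest_bytes(data)
    return [a for a in HASH_ALGOS if digests[a] == ioc["hashes"][a].lower()]


# Constructed flow records (assumed format, not a real sensor's output):
#   "<timestamp> <src_ip>:<src_port> -> <dst_ip>:<dst_port> <proto>"
SAMPLE_FLOWS = """\
2024-11-11T08:01:12Z 10.0.0.15:49812 -> 142.250.74.46:443 tcp
2024-11-11T08:01:40Z 10.0.0.15:49833 -> 193.233.20.12:4132 tcp
2024-11-11T08:02:03Z 10.0.0.22:51020 -> 193.233.20.12:80 tcp
2024-11-11T08:02:15Z 10.0.0.15:49840 -> 193.233.20.12:4132 tcp
"""

FLOW_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<src>[\d.]+):(?P<sport>\d+)\s+->\s+"
    r"(?P<dst>[\d.]+):(?P<dport>\d+)\s+(?P<proto>\w+)$"
)


def find_c2_traffic(log_text: str, ioc: dict = REDLINE_IOC) -> list:
    """Scan flow records for the C2 endpoint.

    An exact host:port match is reported as "c2". The same host on a
    different port is reported as "host_only" rather than dropped, because
    RedLine panels have been seen to change ports and one host may front
    several services; the analyst decides how to treat those.
    Returns (line_number, source_ip, kind) tuples; unparsable lines are skipped.
    """
    hits = []
    for lineno, line in enumerate(log_text.splitlines(), 1):
        m = FLOW_RE.match(line.strip())
        if not m or m["dst"] != ioc["c2_host"]:
            continue
        kind = "c2" if int(m["dport"]) == ioc["c2_port"] else "host_only"
        hits.append((lineno, m["src"], kind))
    return hits


if __name__ == "__main__":
    # Stand-in bytes: anything other than the real file yields [].
    print("hash match:", match_sample(b"not the real sample"))
    for hit in find_c2_traffic(SAMPLE_FLOWS):
        print("flow hit:", hit)
```

Run against a real suspect file with `match_sample(open(path, "rb").read())`; the two "c2" hits in the constructed flows come from the same internal host, which is the kind of pivot (host 10.0.0.15 beaconing twice within a minute) that justifies pulling that machine for triage.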

Targets

    • Target

      df75abc319eed8d7d945bd86ab209e70d1e78802f9c5cbb5bc8b15073360a209

    • RedLine

      RedLine Stealer is an information-stealing malware family written in C# (.NET), first observed in early 2020. It harvests browser credentials, cookies, cryptocurrency wallet data and host information and sends them to its C2 over the IP:port pair extracted above, using the auth_value as the panel credential.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks