General

  • Target

    8f1d2352903436f1559fa0db95d3cdb733a326cbb5754830947e720380fab58c

  • Size

    260KB

  • Sample

    241111-gf6c8stkbz

  • MD5

    27eb179be1b7a37f06596f4593d0fbf2

  • SHA1

    41cf0246b677c39355833ac4db590d65b84b9a0a

  • SHA256

    8f1d2352903436f1559fa0db95d3cdb733a326cbb5754830947e720380fab58c

  • SHA512

    18661035276c7f1f5b4335da13289cf76efc1ef242c6ef3b89eb293ea066dd5b96415b19b136e724f07cee318e6499fefd57675a95f3b0c8d11ebb475565e3b8

  • SSDEEP

    6144:1f1HR+74lIHxlmaF9ViyC14Mo2eMKnj9y4m3sg8uEru6:F1iOIR4EVHC14seJk4mi

Malware Config

Extracted

  • Family

    redline

  • Botnet

    trud

  • C2

    31.41.244.198:4083

Attributes
  • auth_value

    a5942e18edc400a8c1782120906798ef

Targets

    • Target

      0ed4238f61436d8bae55f4dd102bbf5c253fe86d63f8020aff309e09486743cd

    • Size

      343KB

    • MD5

      94059cd17f2fd7c054042afe7de95c68

    • SHA1

      79390536df0380c1c1f09d38ead746d7d561f291

    • SHA256

      0ed4238f61436d8bae55f4dd102bbf5c253fe86d63f8020aff309e09486743cd

    • SHA512

      d7d6b6280e17b978b7d659b02847dd830f3421542a1586e33374c06936349a885a731f5ea554434d69a3132588b831bcba6f0ef7c2e3cb563e227ff7eaff8d26

    • SSDEEP

      3072:eDy9LUk5a5nY6YZRkGID4+hV5xloVcF3NViJ8XQZOsKvG/OXWjlflGMKWajIxwaj:1LUWJIHxloaF9Viy014M02QMKnjLaMI

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks