General

  • Target

    dc8b47cb84a89c95a8a9db727ad9ee12

  • Size

    415KB

  • Sample

    241111-ggy1jstglm

  • MD5

    dc8b47cb84a89c95a8a9db727ad9ee12

  • SHA1

    ea0aa9970c8d095776004f19d541ef6f7ec34405

  • SHA256

    c72375c9eec68ffbc06560422b1b33f0e7b1949cdb0484ac8c662875c20906d4

  • SHA512

    5b74a47546489936b3454954e7e90fdfc704dbed77ec3da947363c88052670c5c8c23a3bfcb4d6df1e9e7a0740b24de2673bfe6a2d289c4757cda5ec19858e40

  • SSDEEP

    6144:DnuJRigTmno+NhzIG5SPrVFCg1ASe0gbMnjHwVtLTDi34JQ4kokiV:DuyQmoihzIG5S3CQASwMDupP

Malware Config

Extracted

  • Family

    redline

  • Botnet

    ww

  • C2

    193.106.191.67:44400

  • Attributes

    auth_value: 5a1b28ccd05953f5c3f99729c12427cc

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks