General

  • Target

    db0a3abe1f541ea30a45894f971666ed50b43938e2ad01ab0bf9322aa34527d7N

  • Size

    383KB

  • Sample

    241111-gt1d5sxqbn

  • MD5

    971d89ce80b90e6c2466c9bcbfddc9c0

  • SHA1

    2d8a489e063212141fca50f9f592046fa2f1740e

  • SHA256

    db0a3abe1f541ea30a45894f971666ed50b43938e2ad01ab0bf9322aa34527d7

  • SHA512

    44cc9c58ffce27cdf70052af69be3dfea3527a1aa5fe2fb3188564aefee59918202e2880d97756926f4da295f3b5b95f5c2a8f78f27d30120e8236f53d95b30e

  • SSDEEP

    6144:RK0bNgJ2LWxhvH7zHBzqE6/15CJZkEypV3qa2DoQGtwYkTfz:RK0bNgsLW3/PHIEulTnOVVYSz

Malware Config

Extracted

Family

redline

Botnet

boris

C2

193.233.20.32:4125

Attributes
  • auth_value

    766b5bdf6dbefcf7ca223351952fc38f

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks