General

  • Target: 7c34b797240e618befefa3f19450a7c05da517a35871480c64750e9b02b39148
  • Size: 272KB
  • Sample: 241111-gtk98avcrd
  • MD5: 60696d246a221b33a9de721a6c25cd45
  • SHA1: 5fe433981d8b5d44f3b16cd560bcf1814d180eea
  • SHA256: 7c34b797240e618befefa3f19450a7c05da517a35871480c64750e9b02b39148
  • SHA512: 1f616d01d3a12411a7f0bb59ed9d6b9255a83e62963efd9fe1e475b5e654543bbc3e6ec6802854049df040a10a0b4c833a8a1c53e8593c3e97a2157325b35222
  • SSDEEP: 6144:lsUXhMnqLPB0j9hm5HH8EttxcqY9vD73Op8OJpJOYj5g3:l3XhMoPapVIxcvh73bSu3

Malware Config

Extracted

  • Family: redline
  • Botnet: @2023@
  • C2: 193.106.191.138:32796

Attributes

  • auth_value: ca057e5baadfd0774a34a6a949cd5e69

Targets

    • Target: 72326770d1bd755efcb842041a772b6f5eb4c3c96362b1455c6274d837a48f49.exe
    • Size: 351KB
    • MD5: f0f094662eca51040ca25f7c8d7356ec
    • SHA1: 332147d1b8bce7cdf9bc35d5d537a497d57208e6
    • SHA256: 72326770d1bd755efcb842041a772b6f5eb4c3c96362b1455c6274d837a48f49
    • SHA512: 675a482dc59cdb34d8e0b66ca34f8588e019ecde6d3635551f6e57e54a1f54b31c3155b369ed0d4ac3ac36a4504389ed8fc37d58513d3e52cdd86d03c6856f10
    • SSDEEP: 6144:cgfi7eLlQ+HuKKVWEKCr+5Is4yySB6hv4Jts+M4sESv6o:Hfi6BQ+JrCr+5b4/ScUDMs
    • RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
    • RedLine payload
    • Redline family

MITRE ATT&CK Enterprise v15

Tasks