General

  • Target

    6f6d97f92f86ef7f62665910a32ab318fd51ca80b920cc3ad79608ecf1c58015N.exe

  • Size

    169KB

  • Sample

    241111-gtpyeavajl

  • MD5

    dba557d5be815bf03247c895f245c9af

  • SHA1

    dba45fa9ccff3888e3a12226e84d45ed9bb046d8

  • SHA256

    110ba054d1153bf3f1ef7b3240c32bc1a3581b02c0ed4ac0c02ffc83e32afbe3

  • SHA512

    a5fc26fa807881200d82cd21bd2028ae2892b58bfa061ce820839c15c0f7adef2efc23eddbc64f2d6f527ba7bfc4afa168104fbe140150a32fcc34d6de8bf94e

  • SSDEEP

    1536:zR1B8iqlVZRGWcAL4rMeV0HB3PE3+GnTGqVkbutpPljdzXgPw83wYk58e8hpj:9n8U0Z/EOVqV8OVdzXgPwL8e8hpj

Malware Config

Extracted

Family

redline

Botnet

most

C2

185.161.248.73:4164

Attributes

  • auth_value

    7da4dfa153f2919e617aa016f7c36008

Targets

    • Target

      6f6d97f92f86ef7f62665910a32ab318fd51ca80b920cc3ad79608ecf1c58015N.exe

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks