General

  • Target

    1a9127e0db25afeb2f3c5cba11ddd80eefa51dc2b5b5809c06fd116b4012ad3e.exe

  • Size

    176KB

  • Sample

    241111-hfjpxatpfy

  • MD5

    843526672bc035755288049882c56beb

  • SHA1

    b4934fa3eb1543ffa708ee8a20aac42eff9c6b2e

  • SHA256

    1a9127e0db25afeb2f3c5cba11ddd80eefa51dc2b5b5809c06fd116b4012ad3e

  • SHA512

    14dea3376aee46c9655d6aba479095eb388b32e2993375f0235b86cd3a2de7897c983fefc8a2811bd13ef5637d605df5a2f94591caff95586aa8d46f064d7d6f

  • SSDEEP

    3072:6xqZWBJaHEDgXTzzfMK8emA9Xh8fxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOM:oqZVTPfBbXh/

Malware Config

Extracted

Family

redline

Botnet

dunkan

C2

193.233.20.24:4123

Attributes
  • auth_value

    505c396c57c6287fc3fdc5f3aeab0819

Targets

    • Target

      1a9127e0db25afeb2f3c5cba11ddd80eefa51dc2b5b5809c06fd116b4012ad3e.exe

    • Size

      176KB

    • MD5

      843526672bc035755288049882c56beb

    • SHA1

      b4934fa3eb1543ffa708ee8a20aac42eff9c6b2e

    • SHA256

      1a9127e0db25afeb2f3c5cba11ddd80eefa51dc2b5b5809c06fd116b4012ad3e

    • SHA512

      14dea3376aee46c9655d6aba479095eb388b32e2993375f0235b86cd3a2de7897c983fefc8a2811bd13ef5637d605df5a2f94591caff95586aa8d46f064d7d6f

    • SSDEEP

      3072:6xqZWBJaHEDgXTzzfMK8emA9Xh8fxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOM:oqZVTPfBbXh/

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks