General

  • Target

    9a72f85ee3b74a6409f34b25ef1c1a1ba4508fe1

  • Size

    271KB

  • Sample

    241111-hgx9patphz

  • MD5

    6890ad96e4de1b761179747260f0394a

  • SHA1

    9a72f85ee3b74a6409f34b25ef1c1a1ba4508fe1

  • SHA256

    b92b8b1c6c49a9aa0287759a2395a693a1250841fbdb711c6bbfaedb84748a1a

  • SHA512

    3baa4965af5df328b2d55222ab38d03b540e1c0f55af606258665259a59d5512b257a9f162c299f476048b89613d7b759361a0a70e4f31a7924a416c439ad6de

  • SSDEEP

    6144:KbvBA5mYYHCkPeK9hrhkJnzbi6h1j2rJRDnIWPBxQe:ovG5IHD9RmFV29RDIoB7

Malware Config

Extracted

  • Family

    redline

  • Botnet

    dozkey

  • C2

    91.212.166.11:47242

  • Attributes

    • auth_value

      6386fb6f33ca338f864abfc5f8fe1774

Targets

    • Target

      07aafa336750ed683f0ecbdc0ff918a9e712892cc1ede8ad186932fd3d582736

    • Size

      350KB

    • MD5

      3fb70716445e5012c74ce98636fbfd9f

    • SHA1

      1b6cf158fc8480bc51ae6bf3c77b13ae853c68ea

    • SHA256

      07aafa336750ed683f0ecbdc0ff918a9e712892cc1ede8ad186932fd3d582736

    • SHA512

      d5b58ce6d0f913655af6aac0928f07b970f1ef3549cbf7e4831d8a3befb3f25660ee3317465ef907f70a503ac82a03261ab72a649c06dda938c396170f1901c8

    • SSDEEP

      6144:szLeroLKHANcQCkPe89hrhkJXzbi6p1h2rJRDnIYnt6Kr2cdI/:szqrIK6r9R81X29RDIYtjr2

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15