General

  • Target

    1726b7f4069755f3de2738c1cb24b83390d08815705d36e2b08fa9a3969000a0

  • Size

    449KB

  • Sample

    241111-hpkzbstrc1

  • MD5

    83e0aac95c306bf0e4b1d8efba04d8bd

  • SHA1

    14c8ff0da386e531046f0085994771babbc16931

  • SHA256

    1726b7f4069755f3de2738c1cb24b83390d08815705d36e2b08fa9a3969000a0

  • SHA512

    cf8aef9f0d63be400615fc98d77b3b354481233ee5ba5554157932d6f2643ba1d171238c14c578ddaaa4ae7c70b7aa143ddbcfee2a20b74fa426d56e4de98aa6

  • SSDEEP

    12288:V3Gt7HUAjeicDtkh/Jbo+W/R5zp87y6z4lQe0bj:UWAjeZyo/+7dz4lWbj

Malware Config

Extracted

Family

redline

Botnet

ww

C2

193.106.191.67:44400

Attributes
  • auth_value

    5a1b28ccd05953f5c3f99729c12427cc

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
