General

  • Target

    34cd8966b7a408c9d4ca240609fe54c2c9e8324b8a2069edd2c8fabae0ad5beaN.exe

  • Size

    379KB

  • Sample

    241112-x57klaykby

  • MD5

    4994650cc544f3a7089e4ab7ff2f6ee0

  • SHA1

    c5931e0b1a94dfcc3c802f5d8e0993c9dec108f0

  • SHA256

    34cd8966b7a408c9d4ca240609fe54c2c9e8324b8a2069edd2c8fabae0ad5bea

  • SHA512

    521e2c72cb8724089907e8078f9a61fc204aaeb0a0b3bce6410a6d61dab42984b67085d1a0a7efaf6c655dbc25f92242a206c37152d2aec7311acee49211c73a

  • SSDEEP

    6144:Tbvgogp56pv5kHidlxQTx4F97PPoFIkenFZG1nr:TTghpYpvOCVLLsZqFgr

Malware Config

Extracted

Family

redline

Botnet

sony

C2

193.233.20.33:4125

Attributes
  • auth_value

    1d93d1744381eeb4fcfd7c23ffe0f0b4
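The C2 and botnet values above are the actionable part of this report. The following Python is an added example, not code from the sandbox report or from the RedLine family itself: it turns the extracted C2 (193.233.20.33:4125) into a sweep over Zeek-style conn.log lines and emits a Suricata rule for the same indicator. The log lines, the internal source addresses and the rule sid 9000001 are constructed for illustration and are not from the page.

```python
"""IOC sweep for the RedLine configuration extracted above.

Added example, not code from the sandbox report or from RedLine itself.
It takes the extracted C2 (193.233.20.33:4125) and sweeps constructed
Zeek-style conn.log lines for connections to it, then builds a Suricata
rule for the same indicator. Every log line below is constructed.
"""
from dataclasses import dataclass

# Indicators taken from the extracted config on this page.
C2_IP = "193.233.20.33"
C2_PORT = 4125
BOTNET = "sony"

# Constructed Zeek conn.log excerpt (tab-separated), not a real capture:
# ts, uid, id.orig_h, id.orig_p, id.resp_h, id.resp_p, proto
CONN_LOG = """\
#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto
1731430000.123\tCabc1\t10.0.0.15\t49812\t193.233.20.33\t4125\ttcp
1731430001.456\tCabc2\t10.0.0.15\t49813\t142.250.74.78\t443\ttcp
1731430002.789\tCabc3\t10.0.0.22\t50001\t193.233.20.33\t80\ttcp
1731430003.000\tCabc4\t10.0.0.9\t50002\t193.233.20.33\t4125\ttcp
malformed line that should be skipped
"""


@dataclass(frozen=True)
class Hit:
    ts: str
    uid: str
    src: str
    dst: str
    dport: int
    confidence: str  # "high" for exact ip:port, "medium" for C2 host on another port


def parse_conn_line(line):
    """Parse one conn.log record; return None for header, comment or malformed lines."""
    if not line or line.startswith("#"):
        return None
    fields = line.rstrip("\n").split("\t")
    if len(fields) < 7:
        return None
    ts, uid, src, sport, dst, dport, proto = fields[:7]
    try:
        return {"ts": ts, "uid": uid, "src": src, "sport": int(sport),
                "dst": dst, "dport": int(dport), "proto": proto}
    except ValueError:
        return None


def scan_conn_log(text, c2_ip=C2_IP, c2_port=C2_PORT):
    """Return a Hit for every TCP flow to the C2 host.

    An exact ip:port match is high confidence. A flow to the C2 host on a
    different port is still worth triage (the same host may serve other
    ports) but is reported at medium confidence so it can be ranked.
    """
    hits = []
    for line in text.splitlines():
        rec = parse_conn_line(line)
        if rec is None or rec["proto"] != "tcp" or rec["dst"] != c2_ip:
            continue
        confidence = "high" if rec["dport"] == c2_port else "medium"
        hits.append(Hit(rec["ts"], rec["uid"], rec["src"], rec["dst"],
                        rec["dport"], confidence))
    return hits


def suricata_rule(sid, c2_ip=C2_IP, c2_port=C2_PORT, botnet=BOTNET, rev=1):
    """Build a Suricata rule for outbound TCP to the extracted C2 (sid is hypothetical)."""
    return (
        f"alert tcp $HOME_NET any -> {c2_ip} {c2_port} "
        f'(msg:"RedLine Stealer C2 outbound (botnet {botnet})"; '
        f"flow:established,to_server; classtype:trojan-activity; "
        f"sid:{sid}; rev:{rev};)"
    )


if __name__ == "__main__":
    for h in scan_conn_log(CONN_LOG):
        print(f"[{h.confidence}] {h.ts} {h.uid} {h.src} -> {h.dst}:{h.dport}")
    print(suricata_rule(9000001))
```

Point scan_conn_log at a real conn.log export to sweep for the C2; the medium-confidence bucket exists so that traffic to the same host on a port other than 4125 is surfaced for triage rather than silently dropped.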

Targets

    • Target

      34cd8966b7a408c9d4ca240609fe54c2c9e8324b8a2069edd2c8fabae0ad5beaN.exe

    • Size

      379KB

    • MD5

      4994650cc544f3a7089e4ab7ff2f6ee0

    • SHA1

      c5931e0b1a94dfcc3c802f5d8e0993c9dec108f0

    • SHA256

      34cd8966b7a408c9d4ca240609fe54c2c9e8324b8a2069edd2c8fabae0ad5bea

    • SHA512

      521e2c72cb8724089907e8078f9a61fc204aaeb0a0b3bce6410a6d61dab42984b67085d1a0a7efaf6c655dbc25f92242a206c37152d2aec7311acee49211c73a

    • SSDEEP

      6144:Tbvgogp56pv5kHidlxQTx4F97PPoFIkenFZG1nr:TTghpYpvOCVLLsZqFgr

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks