General

  • Target

    930d449c1555de6b3818496ef9ea89d5ed61c89320ec75aec4ad7397983b4ec6N.exe

  • Size

    175KB

  • Sample

    241112-x6jj6aykc1

  • MD5

    e93fee263c34851bb6480e80e35a3bf0

  • SHA1

    9be8b7539fe290df124361afef108178f7d5d0b3

  • SHA256

    930d449c1555de6b3818496ef9ea89d5ed61c89320ec75aec4ad7397983b4ec6

  • SHA512

    8bfff46e51fa1c5725cd4208b4d082c9b6cadf5bb18d107829d1d539fbc826f28d387cd95df4ad2da39e9bb0d14d2b14dbe1b8b9a1d4dde33cde7204354d2168

  • SSDEEP

    3072:jxqZWXragQx+/YbyRx4dXeh59kho/xNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0ji:1qZWYby7KEkh

Malware Config

Extracted

  • Family

    redline

  • Botnet

    mola

  • C2

    193.233.20.32:4125

  • Attributes

    • auth_value

      05a04aa0a7694423bb0210907b41d794

Targets

    • Target

      930d449c1555de6b3818496ef9ea89d5ed61c89320ec75aec4ad7397983b4ec6N.exe

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks