General

  • Target

    b8dda24f86ce19606d72124075e94495f85b03d2265ffbe3268eaedf4992378aN

  • Size

    385KB

  • Sample

    241112-xjs53syflh

  • MD5

    71a4bdf6ee174237cbe4a0627b66eab0

  • SHA1

    fd278d0a12634c96f2a362b36d061da7f9617c31

  • SHA256

    b8dda24f86ce19606d72124075e94495f85b03d2265ffbe3268eaedf4992378a

  • SHA512

    9ef117f49a1fc36f3a877e49068a1d5f81ca5e86113786b2ecc919b5eb125db58e01584cc3e0375b95cd81bdc86e588c1d5aa61a9c8109bd4baa6c60a8950a81

  • SSDEEP

    6144:qCO1Vq3dMOSZAqd1tggP/hxzXW3jR3koT6YjfS2Tfm:dO1Vq3GOSSqdngq/XzmhkoT6cSEm

Malware Config

Extracted

Family

redline

Botnet

boris

C2

193.233.20.32:4125

Attributes
  • auth_value

    766b5bdf6dbefcf7ca223351952fc38f

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
