General

  • Target

    05c2bdc10136c362c366aca2529c5f2cd4291d51f598ae2b573b1982f8ff369c

  • Size

    175KB

  • Sample

    241112-xz1j4asmel

  • MD5

    b091cd9968ad74dab491b7892646041f

  • SHA1

    203ae2351a3ea78979032abfee05e5f6a7331dfc

  • SHA256

    05c2bdc10136c362c366aca2529c5f2cd4291d51f598ae2b573b1982f8ff369c

  • SHA512

    6bbb9ea7d0c7085bf3319304e41d46a3fcc8f8d00b708f32b081f00be12b886075e494a121939267353a4344dce2af8ff7a081ac4e5a521694b475c29e7760cd

  • SSDEEP

    3072:6xqZWBJaHEDgXTzzfMK8emA9Xh8fxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOG:oqZVTPfBbXh

Malware Config

Extracted

Family

redline

Botnet

dunkan

C2

193.233.20.24:4123

Attributes
  • auth_value

    505c396c57c6287fc3fdc5f3aeab0819

Targets

    • Target

      05c2bdc10136c362c366aca2529c5f2cd4291d51f598ae2b573b1982f8ff369c

    • Size

      175KB

    • MD5

      b091cd9968ad74dab491b7892646041f

    • SHA1

      203ae2351a3ea78979032abfee05e5f6a7331dfc

    • SHA256

      05c2bdc10136c362c366aca2529c5f2cd4291d51f598ae2b573b1982f8ff369c

    • SHA512

      6bbb9ea7d0c7085bf3319304e41d46a3fcc8f8d00b708f32b081f00be12b886075e494a121939267353a4344dce2af8ff7a081ac4e5a521694b475c29e7760cd

    • SSDEEP

      3072:6xqZWBJaHEDgXTzzfMK8emA9Xh8fxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOG:oqZVTPfBbXh

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks