General

  • Target

    1eccc809b5e9940f45d0336253f30e7f5451cce147feb018105e99351969adbd

  • Size

    175KB

  • Sample

    241112-y12n8atlfp

  • MD5

    39099f756bf2d43cc7568ae38952bbb8

  • SHA1

    3ffec41e8a83c6a050a4a55842268ee92f826063

  • SHA256

    1eccc809b5e9940f45d0336253f30e7f5451cce147feb018105e99351969adbd

  • SHA512

    9ce4d8f01ce8baecf0c94f1a2342c680231eb7c82d9a033234fe7b55c9dbb2ee711ff3fc5b6564cae5fb3d188f1487c7a677459e27dedb9d07d582955ed24a70

  • SSDEEP

    3072:6xqZWBJaHEDgXTzzfMK8emA9Xh8fxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOG:oqZVTPfBbXh

Malware Config

Extracted

Family

redline

Botnet

dunkan

C2

193.233.20.24:4123

Attributes
  • auth_value

    505c396c57c6287fc3fdc5f3aeab0819

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
