General

  • Target

    9015d2757c25728205876c9f51db1385bddb763d55dcc6354e2d7a569060ace5N.exe

  • Size

    175KB

  • Sample

    241112-y5fbsazhqc

  • MD5

    49997ce6e482e981638e1a13252f7bd0

  • SHA1

    13f61dbcfd14c0a6dcec0fc05a01174217ab97b2

  • SHA256

    9015d2757c25728205876c9f51db1385bddb763d55dcc6354e2d7a569060ace5

  • SHA512

    fcf5bd5cf04de9b5d64deb82e440f19b1b7f2eec933f918cfc4e3ce6ac6e17db5a6611ecd4d72aa0cae0902260f0cf5272ac074aa851b4462939dc2c650f52ce

  • SSDEEP

    3072:s9xqZWBJaHEDgXp5lCe159Eh4bxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOuwY:sHqZV7ljEh

Malware Config

Extracted

Family

redline

Botnet

dent

C2

193.233.20.33:4125

Attributes

  • auth_value

    e795368557f02e28e8aef6bcb279a3b0

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks