General

  • Target

    5d76bb0c528f78f9f4e144b294216db34fd64fc2636d067100cb49e5c550516c

  • Size

    176KB

  • Sample

    241113-2fmw4s1clm

  • MD5

    0e0a2c16a973aca2e257bd75c7b5f5bf

  • SHA1

    09f6c89d7f87c65821ed6a3073be55f50202b7b3

  • SHA256

    5d76bb0c528f78f9f4e144b294216db34fd64fc2636d067100cb49e5c550516c

  • SHA512

    be5c077c4d0f921d6915abe3de43b7a43b9cc79139f201fc52bd479b69ce2f86e116544dea5c5269969600fbe0291138bf6f2149c76241e6acd5abe58e44176e

  • SSDEEP

    3072:6xqZWBJaHEDgXTzzfMK8emA9Xh8fxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOG:oqZVTPfBbXh

Malware Config

Extracted

Family

redline

Botnet

dunkan

C2

193.233.20.24:4123

Attributes
  • auth_value

    505c396c57c6287fc3fdc5f3aeab0819

Targets

    • Target

      5d76bb0c528f78f9f4e144b294216db34fd64fc2636d067100cb49e5c550516c

    • Size

      176KB

    • MD5

      0e0a2c16a973aca2e257bd75c7b5f5bf

    • SHA1

      09f6c89d7f87c65821ed6a3073be55f50202b7b3

    • SHA256

      5d76bb0c528f78f9f4e144b294216db34fd64fc2636d067100cb49e5c550516c

    • SHA512

      be5c077c4d0f921d6915abe3de43b7a43b9cc79139f201fc52bd479b69ce2f86e116544dea5c5269969600fbe0291138bf6f2149c76241e6acd5abe58e44176e

    • SSDEEP

      3072:6xqZWBJaHEDgXTzzfMK8emA9Xh8fxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOG:oqZVTPfBbXh

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks