General

  • Target

    93421a94d7e6ade655430fcadf4f240ebbf3464c11854f4b49eb94ebffc4dee4

  • Size

    176KB

  • Sample

    241113-ay6ndstepe

  • MD5

    c8313d59c3e2693b8fda7352b3aa9d41

  • SHA1

    92c10436b9682ac89a2d5d2b75e591b8c2be1aed

  • SHA256

    93421a94d7e6ade655430fcadf4f240ebbf3464c11854f4b49eb94ebffc4dee4

  • SHA512

    cbb6337e8fae08c7d67b55b8a709559b6d1ddbd2ee9a8549a10c3890ce9c17c998cbd8d510e4e531b870dae51d66bbd126a5279f9c03d1d3973c3834929dd619

  • SSDEEP

    3072:6xqZWBJaHEDgXTzzfMK8emA9Xh8fxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOG:oqZVTPfBbXh

Malware Config

Extracted

Family

redline

Botnet

dunkan

C2

193.233.20.24:4123

Attributes
  • auth_value

    505c396c57c6287fc3fdc5f3aeab0819

Targets

    • Target

      93421a94d7e6ade655430fcadf4f240ebbf3464c11854f4b49eb94ebffc4dee4

    • Size

      176KB

    • MD5

      c8313d59c3e2693b8fda7352b3aa9d41

    • SHA1

      92c10436b9682ac89a2d5d2b75e591b8c2be1aed

    • SHA256

      93421a94d7e6ade655430fcadf4f240ebbf3464c11854f4b49eb94ebffc4dee4

    • SHA512

      cbb6337e8fae08c7d67b55b8a709559b6d1ddbd2ee9a8549a10c3890ce9c17c998cbd8d510e4e531b870dae51d66bbd126a5279f9c03d1d3973c3834929dd619

    • SSDEEP

      3072:6xqZWBJaHEDgXTzzfMK8emA9Xh8fxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOG:oqZVTPfBbXh

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks