General

  • Target

    cb288834902ec7a5c67d9fd8ae05693a2ab844d284255f7c780f5926148f83ef.exe

  • Size

    175KB

  • Sample

    241113-fh5n2svrfs

  • MD5

    f7343fc117730cdcfba250a809b5abc6

  • SHA1

    49244b1dd703f2e9f057dd6f0704b023d67bd959

  • SHA256

    cb288834902ec7a5c67d9fd8ae05693a2ab844d284255f7c780f5926148f83ef

  • SHA512

    8414ebfbd295217fb97cbcf50c71ce23d9d318a191ab73518abed55fb70d91b306d4d194079bcf386b5d2d2d3458b1c863fc87da4f4a5d44a93c93a3ad96c1af

  • SSDEEP

    3072:6xqZWBJaHEDgXTzzfMK8emA9Xh8fxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOt:oqZVTPfBbXh2

Malware Config

Extracted

Family

redline

Botnet

dunkan

C2

193.233.20.24:4123

Attributes

  • auth_value

    505c396c57c6287fc3fdc5f3aeab0819

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks