General

  • Target

    d330143d406a1c4bd47a50be068c3d81de60476b46b4967e99bca6d3da18fb80.exe

  • Size

    176KB

  • Sample

    241113-j3aaesyang

  • MD5

    100c4a0d686613a4876528be7a032026

  • SHA1

    f3e3518628f2b974fcb6d50bf39a64d29f4462ae

  • SHA256

    d330143d406a1c4bd47a50be068c3d81de60476b46b4967e99bca6d3da18fb80

  • SHA512

    5568420cb4b158d2e178eae753d048cdf953ec4a9e6e2be74256fe89d09af8e455d6b390c945ef57984f1688660230eb818aea7af021a1a1c573a8272e8134c5

  • SSDEEP

    3072:6xqZWBJaHEDgXTzzfMK8emA9Xh8fxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOn:oqZVTPfBbXhS

Malware Config

Extracted

Family

redline

Botnet

dunkan

C2

193.233.20.24:4123

Attributes
  • auth_value

    505c396c57c6287fc3fdc5f3aeab0819

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
