General

  • Target

    ce81fb73ca31387c31b4bc8c212a4f9f1eeb6fab2d25ab92b107b7a9d1795f98.exe

  • Size

    349KB

  • Sample

    241113-n83w5s1laz

  • MD5

    e0936a09052537e0049f34defd2f125e

  • SHA1

    a1643f03c220e3ce8f9de7d73853d32283c10e6e

  • SHA256

    ce81fb73ca31387c31b4bc8c212a4f9f1eeb6fab2d25ab92b107b7a9d1795f98

  • SHA512

    3e71be545c4bc20b082a66c950fc1e789207022abebbe118c099c4a8c284882b2ec6dbf3acb4d54c112a694a6c725ea54d676047492d7ccdebba4835d9da1330

  • SSDEEP

    6144:gOgML34cKDDyHqFv3/KJ0qs8UAgu1SvcOpb6iCJxV2BBGv/sh8r:gOj74DwqFv3oTs8UqEEOV6zJaQsh8r

Malware Config

Extracted

  • Family

    redline

  • Botnet

    gena

  • C2

    193.233.20.30:4125

  • Attributes

    auth_value: 93c20961cb6b06b2d5781c212db6201e

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks