General

  • Target

    2573b98c438a5ff537bee12b1f5feac6584a63fac0888cbe9954beaea252cd7fN.exe

  • Size

    383KB

  • Sample

    241113-rez5yatcrk

  • MD5

    40d545025aac4b0caa512d155bac3814

  • SHA1

    4fd2f2985c41e69c49d607a8ede021e6cb365e0c

  • SHA256

    193459faecb5c745a0aac174bff03eeeaec59576b03918b80f1970017ec73f05

  • SHA512

    a600e87f818085f4185d58c56a15d7b9f430068ea3b17895e590708ad2fa5ac4acb1fa8eef9dce4f3c0c336d2450b333370e15795ee96b8e4b6e67d97b2c1f37

  • SSDEEP

    6144:86d8DTfUc8/cO2Q1tZbw3p0KPjFMmfbMTLPJkAqkKjTfzl:86d8DT8c8n1tZbU0gBMmzqkAdszl

Malware Config

Extracted

  • Family

    redline

  • Botnet

    boris

  • C2

    193.233.20.32:4125

  • Attributes

    auth_value: 766b5bdf6dbefcf7ca223351952fc38f

Targets

    • Target

      2573b98c438a5ff537bee12b1f5feac6584a63fac0888cbe9954beaea252cd7fN.exe

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks