General

  • Target: 58b36ae1096746079b7e32e6b9eca7db1283b1fd337c732309131d706d9f6000.exe
  • Size: 385KB
  • Sample: 241113-rsfnfsxjak
  • MD5: 2a43097f66e97b3723a9ddfe0fd44c5c
  • SHA1: 9f42faa15481bf3d2081cf23509da5d113b69571
  • SHA256: 58b36ae1096746079b7e32e6b9eca7db1283b1fd337c732309131d706d9f6000
  • SHA512: 3a68e5be2d395df31ab8d522eabe7e75ce826ed2276de077cd6d92b6cde560071803ab081cafd95e150fe4c306641490a3140d53fcde0c86f4dbe3777c2a5317
  • SSDEEP: 6144:mzVQwGm21Nms4UAucwL/IDllBWgek8JTfml:0QwGm2DmzUAaElB89ml

Malware Config

Extracted

  • Family: redline
  • Botnet: boris
  • C2: 193.233.20.32:4125
  • Attributes
    • auth_value: 766b5bdf6dbefcf7ca223351952fc38f
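The following Python is an added example, not part of the sandbox report, showing how a responder would turn the indicators above into offline checks: it validates the extracted C2 string before it is used, computes the four digests the report lists for a file under investigation and compares them against the report, and emits a Suricata rule for the C2 endpoint. The rule text, the sid value 9000001, and all helper names are assumptions for illustration; only the hashes and the C2 come from the report.

```python
"""Added example (not part of the sandbox report): offline checks built from
the RedLine config and hash set extracted above.

Assumptions, not from the report: the Suricata rule wording, sid 9000001 and
every helper name are illustrative; the report only lists the indicators.
"""
import hashlib
import ipaddress
import re
from typing import Dict, Tuple

# Indicators copied verbatim from the report.
REPORT_HASHES = {
    "md5": "2a43097f66e97b3723a9ddfe0fd44c5c",
    "sha1": "9f42faa15481bf3d2081cf23509da5d113b69571",
    "sha256": "58b36ae1096746079b7e32e6b9eca7db1283b1fd337c732309131d706d9f6000",
    "sha512": "3a68e5be2d395df31ab8d522eabe7e75ce826ed2276de077cd6d92b6cde560071803ab081cafd95e150fe4c306641490a3140d53fcde0c86f4dbe3777c2a5317",
}
REPORT_C2 = "193.233.20.32:4125"


def parse_c2(value: str) -> Tuple[str, int]:
    """Split a 'host:port' C2 string and validate both halves.

    The extracted config carries a bare IPv4:port; anything else is rejected
    so that a garbled extraction never becomes a broken IDS rule.
    """
    m = re.fullmatch(r"(\d{1,3}(?:\.\d{1,3}){3}):(\d{1,5})", value.strip())
    if not m:
        raise ValueError(f"unexpected C2 format: {value!r}")
    host, port = m.group(1), int(m.group(2))
    ipaddress.IPv4Address(host)  # raises ValueError on octets above 255
    if not 1 <= port <= 65535:
        raise ValueError(f"port out of range: {port}")
    return host, port


def _new_hashers() -> Dict[str, "hashlib._Hash"]:
    # One hasher per digest the report lists, so a file is read only once.
    return {name: hashlib.new(name) for name in REPORT_HASHES}


def digest_bytes(data: bytes) -> Dict[str, str]:
    """Digests of an in-memory blob (used for the constructed sample below)."""
    hashers = _new_hashers()
    for h in hashers.values():
        h.update(data)
    return {name: h.hexdigest() for name, h in hashers.items()}


def digest_file(path: str) -> Dict[str, str]:
    """Digests of a file on disk, streamed in 1 MiB chunks."""
    hashers = _new_hashers()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def matches_report(digests: Dict[str, str]) -> bool:
    """True only when every digest the report lists agrees (case-insensitive)."""
    return all(digests.get(name, "").lower() == value
               for name, value in REPORT_HASHES.items())


def suricata_rule(c2: str, sid: int) -> str:
    """Outbound-connection rule for the C2 endpoint (illustrative wording)."""
    host, port = parse_c2(c2)
    return (f'alert tcp $HOME_NET any -> {host} {port} '
            f'(msg:"RedLine C2 (botnet boris) from sandbox report"; '
            f'flow:to_server; sid:{sid}; rev:1;)')


if __name__ == "__main__":
    # Constructed stand-in bytes, not the real 385KB sample.
    sample = b"MZ" + b"\x00" * 62
    print("matches report:", matches_report(digest_bytes(sample)))
    print(suricata_rule(REPORT_C2, 9000001))
```

On a real case, call `digest_file()` on the quarantined binary and only treat it as this report's sample when `matches_report()` is true for all four digests; a single matching MD5 is not enough on its own.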

Targets

  • Target: 58b36ae1096746079b7e32e6b9eca7db1283b1fd337c732309131d706d9f6000.exe
  • Size: 385KB
  • MD5, SHA1, SHA256, SHA512, SSDEEP: as listed under General
  • RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  • RedLine payload
  • Redline family
