General

  • Target

    2b753fd2e1e136f27436fafc8da15f65290df339391e16782427a502f153c7eb

  • Size

    175KB

  • Sample

    241113-zj1ahayfmd

  • MD5

    df9a4943f6512c43c5fcf5cde7575883

  • SHA1

    f61da371de88c9b1b2277851b3a8100c337ba7a7

  • SHA256

    2b753fd2e1e136f27436fafc8da15f65290df339391e16782427a502f153c7eb

  • SHA512

    6e02cf979fbeb4396b0b68d01da8f04dd6ac20156f36efa12042dfcf05397ed627cdc862c4ac4c3ee426e89d7caf32fa78baac4916a3e46e15ede0c467363d9f

  • SSDEEP

    3072:KxqZWJBaKULo3pfEWGljeerDF/hevTxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw09:4qZIpfEWYL/hk

Malware Config

Extracted

Family

redline

Botnet

fuba

C2

193.56.146.11:4162

Attributes
  • auth_value

    43015841fc23c63b15ca6ffe1d278d5e

Targets

    • Target

      2b753fd2e1e136f27436fafc8da15f65290df339391e16782427a502f153c7eb

    • Size

      175KB

    • MD5

      df9a4943f6512c43c5fcf5cde7575883

    • SHA1

      f61da371de88c9b1b2277851b3a8100c337ba7a7

    • SHA256

      2b753fd2e1e136f27436fafc8da15f65290df339391e16782427a502f153c7eb

    • SHA512

      6e02cf979fbeb4396b0b68d01da8f04dd6ac20156f36efa12042dfcf05397ed627cdc862c4ac4c3ee426e89d7caf32fa78baac4916a3e46e15ede0c467363d9f

    • SSDEEP

      3072:KxqZWJBaKULo3pfEWGljeerDF/hevTxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw09:4qZIpfEWYL/hk

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks