General

  • Target

    0f732067622c465de5814dc8e008ee2dec529abbab78e7e486260ac5e636b357.exe

  • Size

    175KB

  • Sample

    241113-zsnytsygmb

  • MD5

    cff991269097418bedb635d4320d99c8

  • SHA1

    aaad64f10a1c7b6f3b965dd6099b1a5ea3d0a81f

  • SHA256

    0f732067622c465de5814dc8e008ee2dec529abbab78e7e486260ac5e636b357

  • SHA512

    621a2369e01924b295deafc12b8b60b217f3a14d7b9acaa5cdbe0b69c01d6a60e8295a3c2090b97fb99617e86a8f23b54dc3b0c7cb9ce4deca676042904a85de

  • SSDEEP

    3072:s9xqZWBJaHEDgXp5lCe159Eh4bxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOuwn:sHqZV7ljEhK

Malware Config

Extracted

Family

redline

Botnet

dent

C2

193.233.20.33:4125

Attributes

  • auth_value

    e795368557f02e28e8aef6bcb279a3b0
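The extracted C2 endpoint and the file hashes above are the indicators a responder would pivot on first. The following is an added example, not part of the sandbox report: a small Python hunting helper that flags connections to the extracted C2 host:port in Zeek conn.log-style records and checks a file's digests against the hashes listed for this sample. The log lines are constructed for illustration, and the `Hit` class and function names are assumptions of this example rather than anything the report defines.

```python
"""Hunting helper built from the extracted RedLine config above.

Constructed example; the log records below are not real telemetry.
"""
import hashlib
from dataclasses import dataclass

# Values copied from the report: extracted C2 and the sample's digests.
C2_HOST = "193.233.20.33"
C2_PORT = 4125
SAMPLE_HASHES = {
    "md5": "cff991269097418bedb635d4320d99c8",
    "sha1": "aaad64f10a1c7b6f3b965dd6099b1a5ea3d0a81f",
    "sha256": "0f732067622c465de5814dc8e008ee2dec529abbab78e7e486260ac5e636b357",
}

# Constructed Zeek conn.log-style records, tab-separated:
# ts  uid  id.orig_h  id.orig_p  id.resp_h  id.resp_p  proto
SAMPLE_CONN_LOG = """\
1731541001.120\tCZ1a\t10.0.0.15\t51022\t142.250.74.36\t443\ttcp
1731541002.448\tCZ1b\t10.0.0.15\t51023\t193.233.20.33\t4125\ttcp
1731541003.001\tCZ1c\t10.0.0.22\t49888\t193.233.20.33\t80\ttcp
1731541004.777\tCZ1d\t10.0.0.15\t51024\t193.233.20.33\t4125\ttcp
"""


@dataclass(frozen=True)
class Hit:
    """One connection record that matched the C2 indicator (hypothetical type)."""
    ts: str
    uid: str
    src: str
    dst: str
    dport: int


def find_c2_connections(log_text, host=C2_HOST, port=C2_PORT):
    """Return Hit records for connections to host:port.

    With port=None the match is on the responder IP alone, which is looser
    and may pick up unrelated services on the same address.
    """
    hits = []
    for line in log_text.splitlines():
        if not line or line.startswith("#"):  # skip blanks and Zeek headers
            continue
        fields = line.split("\t")
        if len(fields) < 7:  # malformed record, ignore rather than crash
            continue
        ts, uid, orig_h, _orig_p, resp_h, resp_p, _proto = fields[:7]
        if resp_h == host and (port is None or int(resp_p) == port):
            hits.append(Hit(ts, uid, orig_h, resp_h, int(resp_p)))
    return hits


def hash_matches(data, expected=SAMPLE_HASHES):
    """Compare the digests of data against the report's hashes.

    Returns {algorithm: bool}; every entry must be True for a file to be
    the exact sample analysed here.
    """
    return {
        algo: hashlib.new(algo, data).hexdigest() == digest
        for algo, digest in expected.items()
    }


if __name__ == "__main__":
    for hit in find_c2_connections(SAMPLE_CONN_LOG):
        print(f"{hit.ts} {hit.uid} {hit.src} -> {hit.dst}:{hit.dport}")
```

The strict host:port match corresponds to the extracted config; the port-80 record in the constructed log is only caught by the IP-only mode, so treat such hits as lower confidence until the destination is confirmed to be under the same control.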

Targets

    • Target

      0f732067622c465de5814dc8e008ee2dec529abbab78e7e486260ac5e636b357.exe

    • Size

      175KB

    • MD5

      cff991269097418bedb635d4320d99c8

    • SHA1

      aaad64f10a1c7b6f3b965dd6099b1a5ea3d0a81f

    • SHA256

      0f732067622c465de5814dc8e008ee2dec529abbab78e7e486260ac5e636b357

    • SHA512

      621a2369e01924b295deafc12b8b60b217f3a14d7b9acaa5cdbe0b69c01d6a60e8295a3c2090b97fb99617e86a8f23b54dc3b0c7cb9ce4deca676042904a85de

    • SSDEEP

      3072:s9xqZWBJaHEDgXp5lCe159Eh4bxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOuwn:sHqZV7ljEhK

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks