General

  • Target

    78f32722f9b7a4c96300a0ecb395822c40d387a5b8ea422bd8d81e11721ac4a2

  • Size

    355KB

  • Sample

    241114-3dsj9averr

  • MD5

    0fb13bd0cb8042f42da14ee373edd844

  • SHA1

    43301fc1f6bd84f46c6e909af1264e5123425134

  • SHA256

    78f32722f9b7a4c96300a0ecb395822c40d387a5b8ea422bd8d81e11721ac4a2

  • SHA512

    da7acb095b24d45d52c511344d72a4e83c757bbd6ba6a488fe58778ac8f2fc015dfe6cc708a8f14fecb94c9a7df3ce1b75e73621406d6b6af67d050c4c80caee

  • SSDEEP

    3072:mZGfnyJNhn+O92xmoXOcDaGiuXZCoYgmTD1mUcV27nd10GGXMqkOlYtlO+O0dEhB:tcBPed2dhXmczGXMqeEsM33uKI38fzj

Malware Config

Extracted

Family

redline

Botnet

down

C2

193.233.20.31:4125

Attributes

  • auth_value

    12c31a90c72f5efae8c053a0bd339381
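The extracted configuration above gives two things a defender can act on immediately: the file digests of the sample and the C2 endpoint (host and port) the stealer beacons to. The following Python is an added example, not part of the sandbox report and not code from the sample or the sandbox vendor; it embeds the indicator values listed on this page and checks them against (a) arbitrary file bytes, by recomputing MD5/SHA-1/SHA-256, and (b) constructed firewall-style log lines, distinguishing an exact host:port match from a host-only match, because RedLine operators change ports on the same server far more often than they change the server itself. The log line format (`timestamp src:port -> dst:port proto`) is an assumption for illustration, not any real product's format.

```python
"""IOC checks for the RedLine sample reported above.

Added example: indicator values are copied from the report on this page;
the log format and sample log lines are constructed for illustration.
"""
import hashlib
import re

# Digests reported for the sample (copied from the report above).
SAMPLE_HASHES = {
    "md5": "0fb13bd0cb8042f42da14ee373edd844",
    "sha1": "43301fc1f6bd84f46c6e909af1264e5123425134",
    "sha256": "78f32722f9b7a4c96300a0ecb395822c40d387a5b8ea422bd8d81e11721ac4a2",
}

# Extracted C2 from the malware config above.
C2_HOST = "193.233.20.31"
C2_PORT = 4125


def digest_bytes(data: bytes) -> dict:
    """Compute the three digests the report lists for arbitrary file content."""
    return {name: hashlib.new(name, data).hexdigest() for name in SAMPLE_HASHES}


def matches_known_sample(data: bytes) -> list:
    """Return the digest names that match the reported sample (empty if none).

    Any single match is sufficient to identify the file; all three matching
    is expected for an unmodified copy of the sample.
    """
    computed = digest_bytes(data)
    return [name for name, value in computed.items() if value == SAMPLE_HASHES[name]]


# Assumed (constructed) log format: "<ts> <src_ip>:<src_port> -> <dst_ip>:<dst_port> <proto>"
_IP = r"\d{1,3}(?:\.\d{1,3}){3}"
LOG_RE = re.compile(
    rf"^(?P<ts>\S+)\s+(?P<src>{_IP}):(?P<sport>\d+)\s+->\s+(?P<dst>{_IP}):(?P<dport>\d+)"
)


def find_c2_connections(lines) -> list:
    """Scan log lines for traffic to the extracted C2.

    Returns one dict per hit with the timestamp, source IP and a match level:
      "host_port" - destination is exactly C2_HOST:C2_PORT (high confidence)
      "host_only" - destination is C2_HOST on another port (worth triage:
                    the same server is often reused with a different port)
    Lines that do not parse are skipped rather than raising.
    """
    hits = []
    for line in lines:
        m = LOG_RE.match(line.strip())
        if not m or m["dst"] != C2_HOST:
            continue
        level = "host_port" if int(m["dport"]) == C2_PORT else "host_only"
        hits.append({"ts": m["ts"], "src": m["src"], "level": level})
    return hits


# Constructed sample log lines (not from any real environment).
SAMPLE_LOG = [
    "2024-11-14T10:01:02Z 10.0.0.5:51234 -> 193.233.20.31:4125 tcp",
    "2024-11-14T10:01:05Z 10.0.0.7:51240 -> 193.233.20.31:443 tcp",
    "2024-11-14T10:02:00Z 10.0.0.5:51300 -> 93.184.216.34:443 tcp",
    "malformed line that should be ignored",
]


if __name__ == "__main__":
    for hit in find_c2_connections(SAMPLE_LOG):
        print(f"{hit['ts']} {hit['src']} -> C2 ({hit['level']})")
    # Hash check against a file on disk, e.g.:
    #   with open("suspect.exe", "rb") as f: print(matches_known_sample(f.read()))
```

Pairing the host-only match with the exact host:port match keeps the high-confidence alert separate from the weaker signal, so the former can page an analyst while the latter is queued for review. To run the hash check on quarantined files, feed the file bytes to `matches_known_sample`; a non-empty result identifies the reported sample.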

Targets

    • Target

      78f32722f9b7a4c96300a0ecb395822c40d387a5b8ea422bd8d81e11721ac4a2

    • Size

      355KB

    • MD5

      0fb13bd0cb8042f42da14ee373edd844

    • SHA1

      43301fc1f6bd84f46c6e909af1264e5123425134

    • SHA256

      78f32722f9b7a4c96300a0ecb395822c40d387a5b8ea422bd8d81e11721ac4a2

    • SHA512

      da7acb095b24d45d52c511344d72a4e83c757bbd6ba6a488fe58778ac8f2fc015dfe6cc708a8f14fecb94c9a7df3ce1b75e73621406d6b6af67d050c4c80caee

    • SSDEEP

      3072:mZGfnyJNhn+O92xmoXOcDaGiuXZCoYgmTD1mUcV27nd10GGXMqkOlYtlO+O0dEhB:tcBPed2dhXmczGXMqeEsM33uKI38fzj

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks