General

  • Target

    97784dbc322242665b04d6c6a58ff5c0e7dd7494be50bb854d5d71a5ff0fc0d6

  • Size

    175KB

  • Sample

    241114-a3wzrascqj

  • MD5

    4231e8b8d7926b8a64529eadf4481bdb

  • SHA1

    87a152f43d8865bae38802f521c4f0f173eca1b9

  • SHA256

    97784dbc322242665b04d6c6a58ff5c0e7dd7494be50bb854d5d71a5ff0fc0d6

  • SHA512

    45330a4c8eafc8ac2b9598c5a4191064f1bbaa2d16830a7c74904ecc3088a79acd7342b6d82e4e0be74099884d414423214f85fba90119f4313e090e2164c5f0

  • SSDEEP

    3072:6xqZWBJaHEDgXTzzfMK8emA9Xh8fxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOG:oqZVTPfBbXh

Malware Config

Extracted

Family

redline

Botnet

dunkan

C2

193.233.20.24:4123

Attributes
  • auth_value

    505c396c57c6287fc3fdc5f3aeab0819
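Turning the extracted config and hash table into something a responder can run is a two-step check: confirm that a file on disk really is the reported sample (all four digests must match, computed in one pass), and sweep connection logs for the C2 endpoint. The script below is an added example, not part of the sandbox report or of any RedLine tooling. The hash values and C2 address are copied from this report; the Zeek conn.log excerpt is constructed sample input using only a subset of the real columns, and the internal and decoy addresses in it are invented.

```python
import hashlib
from typing import Dict, Iterable, List

# Indicators copied from this report's hash table and extracted config.
REPORT_HASHES: Dict[str, str] = {
    "md5": "4231e8b8d7926b8a64529eadf4481bdb",
    "sha1": "87a152f43d8865bae38802f521c4f0f173eca1b9",
    "sha256": "97784dbc322242665b04d6c6a58ff5c0e7dd7494be50bb854d5d71a5ff0fc0d6",
    "sha512": "45330a4c8eafc8ac2b9598c5a4191064f1bbaa2d16830a7c74904ecc3088a79acd7342b6d82e4e0be74099884d414423214f85fba90119f4313e090e2164c5f0",
}
C2_HOST = "193.233.20.24"
C2_PORT = 4123


def hash_bytes(data: bytes) -> Dict[str, str]:
    """Compute all four digests the report lists, reading the data only once."""
    hashers = {name: hashlib.new(name) for name in REPORT_HASHES}
    for h in hashers.values():
        h.update(data)
    return {name: h.hexdigest() for name, h in hashers.items()}


def hash_file(path: str, chunk_size: int = 1 << 20) -> Dict[str, str]:
    """Same digests as hash_bytes, streamed so a large sample need not fit in memory."""
    hashers = {name: hashlib.new(name) for name in REPORT_HASHES}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def compare_to_report(computed: Dict[str, str]) -> Dict[str, bool]:
    """Per-algorithm verdict; any single mismatch means this is not the reported sample."""
    return {
        name: computed.get(name, "").lower() == expected
        for name, expected in REPORT_HASHES.items()
    }


# Column subset of a Zeek conn.log assumed for the sample input below.
ZEEK_FIELDS = ["ts", "uid", "id.orig_h", "id.orig_p", "id.resp_h", "id.resp_p", "proto"]

# Constructed conn.log excerpt: two hits on host+port, one host-only hit, one unrelated flow.
SAMPLE_CONN_LOG = "\n".join([
    "1731560400.101\tCk3f9a1\t10.0.0.15\t51234\t193.233.20.24\t4123\ttcp",
    "1731560401.330\tCk3f9a2\t10.0.0.15\t51235\t203.0.113.5\t443\ttcp",
    "1731560402.511\tCk3f9a3\t10.0.0.22\t49876\t193.233.20.24\t80\ttcp",
    "1731560403.002\tCk3f9a4\t10.0.0.31\t50001\t193.233.20.24\t4123\ttcp",
])


def find_c2_connections(lines: Iterable[str], host: str = C2_HOST, port: int = C2_PORT,
                        strict_port: bool = True) -> List[Dict[str, str]]:
    """Return conn.log records whose responder matches the C2 host (and port, if strict)."""
    hits: List[Dict[str, str]] = []
    for line in lines:
        if not line.strip() or line.startswith("#"):  # skip Zeek header/comment lines
            continue
        parts = line.rstrip("\n").split("\t")
        if len(parts) < len(ZEEK_FIELDS):  # malformed or truncated record
            continue
        rec = dict(zip(ZEEK_FIELDS, parts))
        if rec["id.resp_h"] != host:
            continue
        if strict_port and rec["id.resp_p"] != str(port):
            continue
        hits.append(rec)
    return hits


if __name__ == "__main__":
    for hit in find_c2_connections(SAMPLE_CONN_LOG.splitlines()):
        print("C2 contact:", hit["ts"], hit["id.orig_h"], "->", hit["id.resp_h"], hit["id.resp_p"])
```

`strict_port` defaults to on because a hosting IP is often shared and reused; a flow to the same address on another port (the port 80 record above) is worth a look but is a weaker indicator, so surface it separately with `strict_port=False` rather than mixing it into the high-confidence set. The botnet name and `auth_value` are config-level identifiers useful for pivoting across sandbox submissions; they do not appear in a connection log, which is why the log check keys on host and port only.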

Targets

    • Target

      97784dbc322242665b04d6c6a58ff5c0e7dd7494be50bb854d5d71a5ff0fc0d6

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks