General

  • Target

    b2b9941c57ac7ec4b7c0fb110765530d176e958c569897144140888306cedae4.exe

  • Size

    175KB

  • Sample

    241114-bd4hza1pdw

  • MD5

    de27db1e147c358d834133cc7d35f034

  • SHA1

    ac8c30e69b46a287d678dc64ff0feb47c7c54b43

  • SHA256

    b2b9941c57ac7ec4b7c0fb110765530d176e958c569897144140888306cedae4

  • SHA512

    6f05a393ed928a9607784634af5eb22cfaa5fb6b45765dd754b22ed5a8b87ffe33c328e375b4d29f124b2bfaa980039bf5d0f83998aedb55b2b8175f78f9d49b

  • SSDEEP

    3072:6xqZWBJaHEDgXTzzfMK8emA9Xh8fxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jO/:oqZVTPfBbXhi

Malware Config

Extracted

  • Family

    redline

  • Botnet

    dunkan

  • C2

    193.233.20.24:4123

  • Attributes

    auth_value: 505c396c57c6287fc3fdc5f3aeab0819

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks