General

  • Target

    872c7be82f26d1e9f8d1cdf502d9b0b72b803d553a0fd9d6400592623914d6e2.exe

  • Size

    175KB

  • Sample

    241114-gws3vayneq

  • MD5

    0e463c178d6684aafc9151b8ca85355a

  • SHA1

    b5bfa67e862006be28ab5b42272cacb237ba9d9c

  • SHA256

    872c7be82f26d1e9f8d1cdf502d9b0b72b803d553a0fd9d6400592623914d6e2

  • SHA512

    6b9af648c04c0d7e33f5ecb79ec2df00b6fe20bb15af7ac12fc1164df8d2a756c78d61a7d303e53142515eab0a17ca2bfd587f6afd4645e7c17250f2c3c3bfc4

  • SSDEEP

    3072:6xqZWBJaHEDgXTzzfMK8emA9Xh8fxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOF:oqZVTPfBbXhG

Malware Config

Extracted

Family

redline

Botnet

dunkan

C2

193.233.20.24:4123

Attributes
  • auth_value

    505c396c57c6287fc3fdc5f3aeab0819
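The extracted configuration above yields two indicator types a responder would pivot on: the C2 endpoint 193.233.20.24:4123 and the sample's file digests. The Python below is an added example, not part of the sandbox report, that matches those indicators against Zeek conn.log records and against a file's hashes. The log lines, connection UIDs and internal addresses are constructed for illustration; the auth_value attribute is not used, since the report does not say how the bot presents it on the wire.

```python
"""Hunt for the IOCs from this RedLine report in Zeek conn.log records and files.

Added example; the conn.log lines below are constructed, not real telemetry.
"""
import hashlib
import io

# Indicators copied from the report above.
C2_HOST = "193.233.20.24"
C2_PORT = 4123
KNOWN_HASHES = {
    "md5": "0e463c178d6684aafc9151b8ca85355a",
    "sha1": "b5bfa67e862006be28ab5b42272cacb237ba9d9c",
    "sha256": "872c7be82f26d1e9f8d1cdf502d9b0b72b803d553a0fd9d6400592623914d6e2",
}

# Fallback field order for conn.log files that lack a #fields header.
ZEEK_FIELDS = ["ts", "uid", "id.orig_h", "id.orig_p", "id.resp_h", "id.resp_p",
               "proto", "service", "duration", "orig_bytes", "resp_bytes", "conn_state"]

# Constructed sample: one flow to the C2 port, one benign TLS flow, and one flow
# to the C2 host on a different port (hypothetical UIDs and internal hosts).
SAMPLE_CONN_LOG = (
    "#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto\tservice"
    "\tduration\torig_bytes\tresp_bytes\tconn_state\n"
    "1731571200.10\tCx1\t10.0.0.15\t49812\t193.233.20.24\t4123\ttcp\t-\t12.4\t2048\t612\tSF\n"
    "1731571201.55\tCx2\t10.0.0.15\t49813\t142.250.72.14\t443\ttcp\tssl\t0.9\t1200\t8800\tSF\n"
    "1731571202.00\tCx3\t10.0.0.22\t50001\t193.233.20.24\t80\ttcp\thttp\t0.3\t400\t300\tSF\n"
    "#close\t2024-11-14-08-00-05\n"
)


def parse_zeek_conn(text):
    """Yield one dict per record; honours a #fields header, skips other # lines."""
    fields = ZEEK_FIELDS
    for line in text.splitlines():
        if not line or line.startswith("#"):
            if line.startswith("#fields"):
                fields = line.split("\t")[1:]
            continue
        yield dict(zip(fields, line.split("\t")))


def find_c2_connections(text, host=C2_HOST, port=C2_PORT):
    """Flows to the exact extracted C2 endpoint, as (uid, src, 'host:port')."""
    hits = []
    for rec in parse_zeek_conn(text):
        if rec["id.resp_h"] == host and int(rec["id.resp_p"]) == port:
            hits.append((rec["uid"], rec["id.orig_h"], f"{host}:{port}"))
    return hits


def find_c2_host_other_ports(text, host=C2_HOST, port=C2_PORT):
    """Flows to the C2 host on any other port: review candidates, not confirmed hits.

    Operators move ports more often than addresses, so an IP-only pivot is worth
    keeping separate from the exact ip:port match rather than folding into it.
    """
    review = []
    for rec in parse_zeek_conn(text):
        if rec["id.resp_h"] == host and int(rec["id.resp_p"]) != port:
            review.append((rec["uid"], rec["id.orig_h"], f"{host}:{rec['id.resp_p']}"))
    return review


def hash_stream(fh, algorithms=tuple(KNOWN_HASHES)):
    """Compute all requested digests in one pass over a binary stream."""
    hashers = {name: hashlib.new(name) for name in algorithms}
    for chunk in iter(lambda: fh.read(1 << 20), b""):
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def hash_bytes(data):
    """Convenience wrapper for in-memory data."""
    return hash_stream(io.BytesIO(data))


def hash_file(path):
    """Digest a file on disk without loading it whole."""
    with open(path, "rb") as fh:
        return hash_stream(fh)


def matches_known_sample(digests, known=KNOWN_HASHES):
    """True only when every listed algorithm agrees with the report.

    A single disagreement means a different file, even if one digest collides.
    """
    return all(digests.get(name) == value for name, value in known.items())


if __name__ == "__main__":
    for uid, src, dst in find_c2_connections(SAMPLE_CONN_LOG):
        print(f"C2 HIT     {uid} {src} -> {dst}")
    for uid, src, dst in find_c2_host_other_ports(SAMPLE_CONN_LOG):
        print(f"REVIEW     {uid} {src} -> {dst}")
```

Run it against a real conn.log by reading the file into a string and passing it to the two finder functions; pass a suspect file path to hash_file and feed the result to matches_known_sample to confirm or rule out the sample listed above.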

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
