General

  • Target

    0632b800b8b59957a89973e9f550eb772f06a913778d59bccd08eec0b3cb5562

  • Size

    175KB

  • Sample

    241114-xz16ma1ngw

  • MD5

    3fdd8df93883f1d1485861c73be9d0f5

  • SHA1

    8452a18a4c0765c84f6eccb16388c5772d015a98

  • SHA256

    0632b800b8b59957a89973e9f550eb772f06a913778d59bccd08eec0b3cb5562

  • SHA512

    817f28782b47abb7f9c472732070a7e20964003b4af6365f54011f21b8957b179b1aaa4d222c0187b8cb6b3e6988ed7e205c6c1adbcc5ceafbbddff38cae664b

  • SSDEEP

    3072:6xqZWBJaHEDgXTzzfMK8emA9Xh8fxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOG:oqZVTPfBbXh

Malware Config

Extracted

Family

redline

Botnet

dunkan

C2

193.233.20.24:4123

Attributes

  • auth_value

    505c396c57c6287fc3fdc5f3aeab0819

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks