General

  • Target: 48dfef0c32760110e509545653b166817c8c765fe02f9d7d6e50ea18b3b190f7.exe
  • Size: 175KB
  • Sample: 241115-r7dgmszjeq
  • MD5: b49a89f93a2004753465406bdbfd152e
  • SHA1: 2f22529ec2357926108fce56a4a1fa79f7bc7bf2
  • SHA256: 48dfef0c32760110e509545653b166817c8c765fe02f9d7d6e50ea18b3b190f7
  • SHA512: dbd0f782a027ef0e687d5caad2d8ee02e3750c4d6ee9b10078fa1fce3cb94d653dcdb40e9b45e14ff79c917140c534a0db2c52adda918e6cfd596e9076a53c04
  • SSDEEP: 3072:6xqZWBJaHEDgXTzzfMK8emA9Xh8fxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jO/:oqZVTPfBbXhS

Malware Config

Extracted

  • Family: redline
  • Botnet: dunkan
  • C2: 193.233.20.24:4123
  • Attributes
    • auth_value: 505c396c57c6287fc3fdc5f3aeab0819

Targets

    • Target: 48dfef0c32760110e509545653b166817c8c765fe02f9d7d6e50ea18b3b190f7.exe


    • RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks