General

  • Target

    7692cc1b4b14bf860b1792e6b2537a4e9afe7572d49ce58d2ae91ff2c6383beb.exe

  • Size

    175KB

  • Sample

    241115-t283gaxgkq

  • MD5

    c52a4fc63a464195ad4c8567ac038ef4

  • SHA1

    114dd483c415ba55d1d7b8f34ac9f958c5ab80a8

  • SHA256

    7692cc1b4b14bf860b1792e6b2537a4e9afe7572d49ce58d2ae91ff2c6383beb

  • SHA512

    ce3e5ce238ecb72cb46c76d949842de75755dab4a2c2d0c7c33693c4f7b5a736a12900bf79a225bbf4f93bff152f2ffcbb7ec8f414088e00d8178c7b5743c50d

  • SSDEEP

    3072:6xqZWBJaHEDgXTzzfMK8emA9Xh8fxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jO/:oqZVTPfBbXhi

Malware Config

Extracted

Family

redline

Botnet

dunkan

C2

193.233.20.24:4123

Attributes
  • auth_value

    505c396c57c6287fc3fdc5f3aeab0819

Targets

    • Target

      7692cc1b4b14bf860b1792e6b2537a4e9afe7572d49ce58d2ae91ff2c6383beb.exe

    • Size

      175KB

    • MD5

      c52a4fc63a464195ad4c8567ac038ef4

    • SHA1

      114dd483c415ba55d1d7b8f34ac9f958c5ab80a8

    • SHA256

      7692cc1b4b14bf860b1792e6b2537a4e9afe7572d49ce58d2ae91ff2c6383beb

    • SHA512

      ce3e5ce238ecb72cb46c76d949842de75755dab4a2c2d0c7c33693c4f7b5a736a12900bf79a225bbf4f93bff152f2ffcbb7ec8f414088e00d8178c7b5743c50d

    • SSDEEP

      3072:6xqZWBJaHEDgXTzzfMK8emA9Xh8fxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jO/:oqZVTPfBbXhi

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks