General

  • Target

    6f916065eda1740e595234fba9e4a10d411d6c11fb73cf31dc2b0fd05ef845afN.exe

  • Size

    176KB

  • Sample

    241115-z2h4yasdrc

  • MD5

    fc0c893fa81831a32d950473d713c130

  • SHA1

    4c8a30910946e8e11309cf083c3fdf20a109f75b

  • SHA256

    6f916065eda1740e595234fba9e4a10d411d6c11fb73cf31dc2b0fd05ef845af

  • SHA512

    a00d5de576d75e6cb0aaaab4873e3568afbc78937740f23d0806917efdaf300b22f5382db55e02a5bf82e0d0eaadce547cc2f740394e862dcb49995b1a18d25d

  • SSDEEP

    3072:6xqZWBJaHEDgXTzzfMK8emA9Xh8fxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOG:oqZVTPfBbXh

Malware Config

Extracted

Family

redline

Botnet

dunkan

C2

193.233.20.24:4123

Attributes
  • auth_value

    505c396c57c6287fc3fdc5f3aeab0819

Targets

    • Target

      6f916065eda1740e595234fba9e4a10d411d6c11fb73cf31dc2b0fd05ef845afN.exe

    • Size

      176KB

    • MD5

      fc0c893fa81831a32d950473d713c130

    • SHA1

      4c8a30910946e8e11309cf083c3fdf20a109f75b

    • SHA256

      6f916065eda1740e595234fba9e4a10d411d6c11fb73cf31dc2b0fd05ef845af

    • SHA512

      a00d5de576d75e6cb0aaaab4873e3568afbc78937740f23d0806917efdaf300b22f5382db55e02a5bf82e0d0eaadce547cc2f740394e862dcb49995b1a18d25d

    • SSDEEP

      3072:6xqZWBJaHEDgXTzzfMK8emA9Xh8fxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOG:oqZVTPfBbXh

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks