General

  • Target

    8869ba2101812b7b5ad4e75e0cdb825b865b1ec289c5b26560926fc0ddd01760

  • Size

    175KB

  • Sample

    241116-aexalswblr

  • MD5

    8191d9a0a071f70b8957a2a5ca84ce23

  • SHA1

    efda218f134545bd50c34e1d13dd2511b666afc0

  • SHA256

    8869ba2101812b7b5ad4e75e0cdb825b865b1ec289c5b26560926fc0ddd01760

  • SHA512

    c2e9aa10e5afea0495f837ec46f0e9456d5a43b968a3d581e0eccc44431a5f270ae1756738f24a13415cd219e2493fe95d134d3a5793be36457121b3626f1000

  • SSDEEP

    3072:6xqZWBJaHEDgXTzzfMK8emA9Xh8fxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOG:oqZVTPfBbXh

Malware Config

Extracted

  • Family

    redline

  • Botnet

    dunkan

  • C2

    193.233.20.24:4123

  • Attributes

    auth_value: 505c396c57c6287fc3fdc5f3aeab0819

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15