General

  • Target

    1a0b1b4c73896e11ab111812f9eedede38721816e23aee90951eb9e082ef9515.exe

  • Size

    175KB

  • Sample

    241116-cbwwsa1nep

  • MD5

    baec920e7ed1fcad2d1e65f8e9981aeb

  • SHA1

    e272804c90ba07991c7e4184a798061e3274024b

  • SHA256

    1a0b1b4c73896e11ab111812f9eedede38721816e23aee90951eb9e082ef9515

  • SHA512

    658544f96901a8c30987cab61b09c1a35376983ed80c7693e4a74c905000c8c38e3c0ca6b2504fafda2397844ad716d712f631b23eef08b1441c5a239fe1d81c

  • SSDEEP

    3072:6xqZWBJaHEDgXTzzfMK8emA9Xh8fxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOt:oqZVTPfBbXhm

Malware Config

Extracted

Family

redline

Botnet

dunkan

C2

193.233.20.24:4123

Attributes
  • auth_value

    505c396c57c6287fc3fdc5f3aeab0819

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
