General

  • Target

    897f166429b6c1915b13d855b61b0e2d1ccc11b6a40a32ec61a93276b961f693N.exe

  • Size

    175KB

  • Sample

    241116-f62x3a1cla

  • MD5

    6ed26e0d3178828e1277476b818a6180

  • SHA1

    a633de66d59a357b7b6ca8a2161f667d7d93ec90

  • SHA256

    897f166429b6c1915b13d855b61b0e2d1ccc11b6a40a32ec61a93276b961f693

  • SHA512

    6e13ca2f443ba1cdb1a2cca5b7dd08eccd60cbfd5046b880b28f05c51796420577527a7ce51cc39ccd7444f69463cd81e7742494c8f44a32bc61344daccfa0a5

  • SSDEEP

    3072:6xqZWBJaHEDgXTzzfMK8emA9Xh8fxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOG:oqZVTPfBbXh

Malware Config

Extracted

  • Family

    redline

  • Botnet

    dunkan

  • C2

    193.233.20.24:4123

  • Attributes

    • auth_value

      505c396c57c6287fc3fdc5f3aeab0819

Targets

    • Target

      897f166429b6c1915b13d855b61b0e2d1ccc11b6a40a32ec61a93276b961f693N.exe

    • Size

      175KB

    • MD5

      6ed26e0d3178828e1277476b818a6180

    • SHA1

      a633de66d59a357b7b6ca8a2161f667d7d93ec90

    • SHA256

      897f166429b6c1915b13d855b61b0e2d1ccc11b6a40a32ec61a93276b961f693

    • SHA512

      6e13ca2f443ba1cdb1a2cca5b7dd08eccd60cbfd5046b880b28f05c51796420577527a7ce51cc39ccd7444f69463cd81e7742494c8f44a32bc61344daccfa0a5

    • SSDEEP

      3072:6xqZWBJaHEDgXTzzfMK8emA9Xh8fxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOG:oqZVTPfBbXh

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks