General

  • Target

    43fe370d4167606f28bec18176f24bf463dfbe25d8c7335e9c9417b03c5e4919N.exe

  • Size

    175KB

  • Sample

    241116-v3nzcs1ajf

  • MD5

    f50e390de8e10950b90859998e599220

  • SHA1

    67fa38d56822a1db945da5b4941444a7c45df5b3

  • SHA256

    43fe370d4167606f28bec18176f24bf463dfbe25d8c7335e9c9417b03c5e4919

  • SHA512

    2e118b04332968293d53712e9ffc782d47600ec4a8ad2a5f04d0556139825007ab3f229b562a8d52e13fb2897fa026405f0c6d3eec8642486dde92f87da0986c

  • SSDEEP

    3072:6xqZWBJaHEDgXTzzfMK8emA9Xh8fxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOG:oqZVTPfBbXh

Malware Config

Extracted

Family

redline

Botnet

dunkan

C2

193.233.20.24:4123

Attributes
  • auth_value

    505c396c57c6287fc3fdc5f3aeab0819

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
