General

  • Target

    ded2f86770cba43e76e40d1e383ba8ebc89e60391534dfa50fbfd147764000a9.exe

  • Size

    175KB

  • Sample

    241117-l9lyxaxerc

  • MD5

    0b5036c825f245e93964f157ccd034e7

  • SHA1

    83fb46fd7d36d541a9fab9704bd22c3f36116bc5

  • SHA256

    ded2f86770cba43e76e40d1e383ba8ebc89e60391534dfa50fbfd147764000a9

  • SHA512

    5497f4cb65cb65bf23da02973f99cae29d799685792ca1443a9bd52732420c1f10a9d38a885b83daa1e7bec372c95dd1d0b82bd06c1753333044ef1f2bae9063

  • SSDEEP

    3072:6xqZWBJaHEDgXTzzfMK8emA9Xh8fxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jON:oqZVTPfBbXhm

Malware Config

Extracted

Family

redline

Botnet

dunkan

C2

193.233.20.24:4123

Attributes

  • auth_value

    505c396c57c6287fc3fdc5f3aeab0819

Targets

    • Target

      ded2f86770cba43e76e40d1e383ba8ebc89e60391534dfa50fbfd147764000a9.exe

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks