General

  • Target

    5467f8a86a1339347b22947614ae08bcf120152ff1448e297297fb62595c32ca.exe

  • Size

    168KB

  • Sample

    241117-pqk42szfkr

  • MD5

    e98c7f9ef4987ea6255fb0adfe741899

  • SHA1

    82b10cc9f7e7237a722a0e80910aa1659945841b

  • SHA256

    5467f8a86a1339347b22947614ae08bcf120152ff1448e297297fb62595c32ca

  • SHA512

    4a63060c53b1642c3bd5b49e462dc44081877171659b892b49c032642031421cf4fb05141aaef500582aaf287169ebb018364bde91eb146710550c32248ddaa8

  • SSDEEP

    3072:uJaohQaSe5clFcb0iCKbqVsTQZxTcVL8e8h2D:uJteaSe5clhiVwxTcVL5

Malware Config

Extracted

Family

redline

Botnet

mazda

C2

217.196.96.56:4138

Attributes
  • auth_value

    3d2870537d84a4c6d7aeecd002871c51
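The extracted config above is only useful once it is turned into something that can be matched. The following added example (not part of the sandbox report and not RedLine's own code) parses the key/value layout used on this page into a typed record, validates the C2 socket and the auth_value token, emits a Suricata rule for the C2 endpoint, and runs the indicators over a constructed Zeek conn.log excerpt and a constructed list of observed file hashes. The conn.log lines, the hash list and the rule sid are assumptions made for the example; the config values and the sample hashes are copied from the report.

```python
"""Turn the extracted RedLine config into matchable indicators.

Added example; not part of the sandbox report and not RedLine's own code.
The conn.log lines, the observed-hash list and the rule sid are constructed
for this example. Config values and sample hashes are copied from the report.
"""
import ipaddress
import re
from dataclasses import dataclass

# Copied from the "Malware Config / Extracted" block of the report.
CONFIG_TEXT = """
Family
redline
Botnet
mazda
C2
217.196.96.56:4138
Attributes
auth_value
3d2870537d84a4c6d7aeecd002871c51
"""

# Copied from the "General" block of the report.
SAMPLE_MD5 = "e98c7f9ef4987ea6255fb0adfe741899"
SAMPLE_SHA1 = "82b10cc9f7e7237a722a0e80910aa1659945841b"
SAMPLE_SHA256 = "5467f8a86a1339347b22947614ae08bcf120152ff1448e297297fb62595c32ca"

# Constructed Zeek conn.log excerpt (header omitted, tab-separated):
# ts, uid, id.orig_h, id.orig_p, id.resp_h, id.resp_p, proto
CONN_LOG = """\
1731850000.120\tCx1a\t10.0.0.15\t49712\t217.196.96.56\t4138\ttcp
1731850001.330\tCx1b\t10.0.0.15\t49713\t93.184.216.34\t443\ttcp
1731850002.900\tCx1c\t10.0.0.22\t51000\t217.196.96.56\t443\ttcp
"""


@dataclass(frozen=True)
class RedLineConfig:
    family: str
    botnet: str
    c2_host: str
    c2_port: int
    auth_value: str


def parse_config(text):
    """Parse the report layout (key on one line, value on the next) into a RedLineConfig.

    The bare "Attributes" heading carries no value of its own and is skipped.
    The C2 host must be a valid IP address and the port in 1..65535; the
    auth_value must be a 32-character lowercase hex token.
    """
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    kv = {}
    i = 0
    while i + 1 < len(lines):
        key = lines[i].lower()
        if key == "attributes":
            i += 1
            continue
        kv[key] = lines[i + 1]
        i += 2
    host, _, port = kv["c2"].rpartition(":")
    ipaddress.ip_address(host)  # raises ValueError on a malformed address
    port = int(port)
    if not 1 <= port <= 65535:
        raise ValueError(f"C2 port out of range: {port}")
    if not re.fullmatch(r"[0-9a-f]{32}", kv["auth_value"]):
        raise ValueError("auth_value is not a 32-hex-char token")
    return RedLineConfig(kv["family"], kv["botnet"], host, port, kv["auth_value"])


def suricata_rule(cfg, sid):
    """Suricata rule alerting on an established outbound TCP session to the C2 socket."""
    return (
        f"alert tcp $HOME_NET any -> {cfg.c2_host} {cfg.c2_port} "
        f'(msg:"{cfg.family} {cfg.botnet} C2 connection"; '
        f"flow:to_server,established; sid:{sid}; rev:1;)"
    )


def match_c2_connections(cfg, conn_log):
    """Return (uid, source host) for conn.log rows that hit the exact C2 ip:port.

    Host and port are both required: the same address on another port is not
    reported, because the report only supports the one socket as an indicator.
    """
    hits = []
    for line in conn_log.splitlines():
        _ts, uid, orig_h, _orig_p, resp_h, resp_p, proto = line.split("\t")
        if proto == "tcp" and resp_h == cfg.c2_host and int(resp_p) == cfg.c2_port:
            hits.append((uid, orig_h))
    return hits


def match_file_hashes(observed):
    """Return observed hashes (any case, MD5/SHA1/SHA256) that match the sample."""
    known = {SAMPLE_MD5, SAMPLE_SHA1, SAMPLE_SHA256}
    return sorted(h.lower() for h in observed if h.lower() in known)


if __name__ == "__main__":
    cfg = parse_config(CONFIG_TEXT)
    print(suricata_rule(cfg, 1000001))
    for uid, host in match_c2_connections(cfg, CONN_LOG):
        print(f"C2 contact from {host} (conn {uid})")
```

The third conn.log row deliberately reuses the C2 address on port 443; it is left unmatched because the report supports only the single ip:port pair as an indicator, and widening to address-only matching is a judgment call to make with that trade-off in mind.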

Targets

    • Target

      5467f8a86a1339347b22947614ae08bcf120152ff1448e297297fb62595c32ca.exe

    • Size

      168KB

    • MD5

      e98c7f9ef4987ea6255fb0adfe741899

    • SHA1

      82b10cc9f7e7237a722a0e80910aa1659945841b

    • SHA256

      5467f8a86a1339347b22947614ae08bcf120152ff1448e297297fb62595c32ca

    • SHA512

      4a63060c53b1642c3bd5b49e462dc44081877171659b892b49c032642031421cf4fb05141aaef500582aaf287169ebb018364bde91eb146710550c32248ddaa8

    • SSDEEP

      3072:uJaohQaSe5clFcb0iCKbqVsTQZxTcVL8e8h2D:uJteaSe5clhiVwxTcVL5

    • RedLine

      RedLine Stealer is an information-stealing malware family written in C# (.NET), first seen in early 2020.

    • RedLine payload

    • RedLine family

MITRE ATT&CK Enterprise v15

Tasks