General

  • Target

    a19c55214518380d708eae69361fb81b8e0d90a0af578190e337886bbabd3e93N.exe

  • Size

    175KB

  • Sample

    241117-v925kavfml

  • MD5

    19d85a40eee2e71a6e681de860199ae0

  • SHA1

    046d25f1515eda422e153363b2c7931263cfe9bc

  • SHA256

    a19c55214518380d708eae69361fb81b8e0d90a0af578190e337886bbabd3e93

  • SHA512

    d977af95d0acf3f42e9c5bd97d658ec4ba8eb9071df68c8f498fec7e844870203f0be18651d86f8f83f5b1c995515770c60f5ea858a51a560e572b29deb874a9

  • SSDEEP

    3072:6xqZWBJaHEDgXTzzfMK8emA9Xh8fxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOG:oqZVTPfBbXh

Malware Config

Extracted

Family

redline

Botnet

dunkan

C2

193.233.20.24:4123

Attributes
  • auth_value

    505c396c57c6287fc3fdc5f3aeab0819

Targets

    • Target

      a19c55214518380d708eae69361fb81b8e0d90a0af578190e337886bbabd3e93N.exe

    • Size

      175KB

    • MD5

      19d85a40eee2e71a6e681de860199ae0

    • SHA1

      046d25f1515eda422e153363b2c7931263cfe9bc

    • SHA256

      a19c55214518380d708eae69361fb81b8e0d90a0af578190e337886bbabd3e93

    • SHA512

      d977af95d0acf3f42e9c5bd97d658ec4ba8eb9071df68c8f498fec7e844870203f0be18651d86f8f83f5b1c995515770c60f5ea858a51a560e572b29deb874a9

    • SSDEEP

      3072:6xqZWBJaHEDgXTzzfMK8emA9Xh8fxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOG:oqZVTPfBbXh

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks