General

  • Target

    c71d4145d60fc1171f8ed8bafe75ed7d112eb3517aa7f8347d9c244c7a69a9a3.exe

  • Size

    175KB

  • Sample

    241118-d6p76axkfw

  • MD5

    2bb8110610b4d65afefd408b93c63263

  • SHA1

    f45d45983960be42bf8164f66cd49ea26a3ca3f6

  • SHA256

    c71d4145d60fc1171f8ed8bafe75ed7d112eb3517aa7f8347d9c244c7a69a9a3

  • SHA512

    2b604417ab0a6c452373c048cf564e9fe7df29f0423414122ac6cba2157777f60e2c3bb8a8d26e13b144f440479657bc17358a6a6a48bc1f75c062a1e611d423

  • SSDEEP

    3072:6xqZWBJaHEDgXTzzfMK8emA9Xh8fxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOv:oqZVTPfBbXhy

Malware Config

Extracted

Family

redline

Botnet

dunkan

C2

193.233.20.24:4123

Attributes
  • auth_value

    505c396c57c6287fc3fdc5f3aeab0819

Targets

    • Target

      c71d4145d60fc1171f8ed8bafe75ed7d112eb3517aa7f8347d9c244c7a69a9a3.exe

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
