General

  • Target

    165a4acacb37fec8b30b40718cf4608930484a2a6fe25b38ccdbcd6a4161f53c

  • Size

    168KB

  • Sample

    241118-yfkvzaynak

  • MD5

    40d1bf7843868d428125b6a010713c3f

  • SHA1

    2452cb27a47afc6ae876c7966013270d46e14ac6

  • SHA256

    165a4acacb37fec8b30b40718cf4608930484a2a6fe25b38ccdbcd6a4161f53c

  • SHA512

    0e9e2aa6186940c6bb8c1e28fe60fddfba1fd7ec7d61c3048f0baaf152717439880fb0f75567ee57f13daf50510ae58d0c40aea6937cb9ea160bea58008dbab8

  • SSDEEP

    3072:ehIjvV8W7zYU5DEEkqVUcU7GZQh7l8e8hn:ehIjTb5D2DEZQh7l

Malware Config

Extracted

  • Family

    redline

  • Botnet

    dars

  • C2

    83.97.73.127:19045

  • Attributes

      • auth_value

        7cd208e6b6c927262304d5d4d88647fd

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks