General

  • Target

    859d1151b1892e47b45bd290a5b1256abb55d60896d13c927bcda692c11943a1N.exe

  • Size

    175KB

  • Sample

    241119-czjalayfma

  • MD5

    455ccf06e7c229cc6436060ceefc7f00

  • SHA1

    949fce2dad75284ce83300d785014cab73fc1806

  • SHA256

    859d1151b1892e47b45bd290a5b1256abb55d60896d13c927bcda692c11943a1

  • SHA512

    ca74fd2c7dcc1b7ce79dec3f03f92d039e6d22cf46abc9e45b0210268ddd52d0694c80ee0b652ae365c85babe116ac9166d75f60d44029d7b2ec69c5821714a1

  • SSDEEP

    3072:6xqZWBJaHEDgXTzzfMK8emA9Xh8fxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOG:oqZVTPfBbXh

Malware Config

Extracted

Family

redline

Botnet

dunkan

C2

193.233.20.24:4123

Attributes
  • auth_value

    505c396c57c6287fc3fdc5f3aeab0819

Targets

    • Target

      859d1151b1892e47b45bd290a5b1256abb55d60896d13c927bcda692c11943a1N.exe

    • Size

      175KB

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
