redline | fba5824a7c708acf5edd57c8f6265534ad461c425b9a85238584721abb819177 | Triage

Sharing

General

Target

fba5824a7c708acf5edd57c8f6265534ad461c425b9a85238584721abb819177.exe
Size

175KB
Sample

241119-p46mxawkgy
MD5

9e7b549904454831cb6afb12bc7af5f7
SHA1

c2fd91eb8a54935bad49e544b4a39c7479df003d
SHA256

fba5824a7c708acf5edd57c8f6265534ad461c425b9a85238584721abb819177
SHA512

fc659d442365295b5d0f12674f7250ac231f1a5ba64f48c04aa9fb8ce811b541c2b2cfd267b97c50c29fda9f54d943a93a98f06a9175fb40935652bddae76b92
SSDEEP

3072:6xqZWBJaHEDgXTzzfMK8emA9Xh8fxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOF:oqZVTPfBbXhG

Score

10^/10

redline dunkan discovery infostealer

Malware Config

Extracted

Family

redline

Botnet

dunkan

C2

193.233.20.24:4123

Attributes

auth_value
505c396c57c6287fc3fdc5f3aeab0819

Targets

- Target
  
  fba5824a7c708acf5edd57c8f6265534ad461c425b9a85238584721abb819177.exe
- Size
  
  175KB
- MD5
  
  9e7b549904454831cb6afb12bc7af5f7
- SHA1
  
  c2fd91eb8a54935bad49e544b4a39c7479df003d
- SHA256
  
  fba5824a7c708acf5edd57c8f6265534ad461c425b9a85238584721abb819177
- SHA512
  
  fc659d442365295b5d0f12674f7250ac231f1a5ba64f48c04aa9fb8ce811b541c2b2cfd267b97c50c29fda9f54d943a93a98f06a9175fb40935652bddae76b92
- SSDEEP
  
  3072:6xqZWBJaHEDgXTzzfMK8emA9Xh8fxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOF:oqZVTPfBbXhG
Score

10^/10

redline dunkan discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinedunkandiscoveryinfostealer

behavioral2

redlinedunkandiscoveryinfostealer