General

  • Target

    bee04103c2e7b5607e8cca58d31244710e2829fb856f7fdba9b1819a55d11604

  • Size

    349KB

  • Sample

    241121-h6nrjszhln

  • MD5

    ea587e305b38df77197add633eb43c6a

  • SHA1

    72ddae4ad88671d2b90791b0ad628b427e0fe6f6

  • SHA256

    bee04103c2e7b5607e8cca58d31244710e2829fb856f7fdba9b1819a55d11604

  • SHA512

    2b9d83b3d37ec0c1afe231628541b16f67c5636ba94ba5ee362bee763355baff0d3239e566369c07d3fb0abd1c0bca0ba29dd383b5a852773c83d0bf62dd8d2f

  • SSDEEP

    6144:0O5W2NLJK6iFesF37vwOTq6WNotqxUrMLvcCwhYQbPtzUJQjdO:d5W2N9K6iFes10OTqqqxUrML1whYQbPl

Malware Config

Extracted

Family

redline

Botnet

down

C2

193.233.20.31:4125

Attributes
  • auth_value

    12c31a90c72f5efae8c053a0bd339381

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
