General

  • Target

    149cf2cb1e68fad5a9153cdb95abf2816270126c9f6f51b720b15a5bb6812656.exe

  • Size

    855KB

  • Sample

    241122-lkyamstrcq

  • MD5

    6e85720374ce57edf27d7c6337fac3c5

  • SHA1

    85e44dad1c1b96cc545b445a2e92de7ffd92f4e4

  • SHA256

    149cf2cb1e68fad5a9153cdb95abf2816270126c9f6f51b720b15a5bb6812656

  • SHA512

    58ee7a86b8141ceba142e533f35bc62702ce2627a8083598fd31ef38f4bbf00ab255fd4327f19fb682d8a9031df3ec815519fd2e731098616ec5e94adfc1ce55

  • SSDEEP

    12288:kwu0gA4e6F9c8TFY5BcQ5wUal7Ts+rHWqxETUnBupICs6Ttxy0b7igdt4fJZE:k+gAp+FYYQKUM7JbI97ign4RZE

Malware Config

Extracted

Family

redline

Botnet

@Iucky_man

C2

92.119.113.189:21746

Attributes
  • auth_value

    de713911efa818890ac36085c9a0fc58

Targets

    • Target

      149cf2cb1e68fad5a9153cdb95abf2816270126c9f6f51b720b15a5bb6812656.exe

    • Size

      855KB

    • MD5

      6e85720374ce57edf27d7c6337fac3c5

    • SHA1

      85e44dad1c1b96cc545b445a2e92de7ffd92f4e4

    • SHA256

      149cf2cb1e68fad5a9153cdb95abf2816270126c9f6f51b720b15a5bb6812656

    • SHA512

      58ee7a86b8141ceba142e533f35bc62702ce2627a8083598fd31ef38f4bbf00ab255fd4327f19fb682d8a9031df3ec815519fd2e731098616ec5e94adfc1ce55

    • SSDEEP

      12288:kwu0gA4e6F9c8TFY5BcQ5wUal7Ts+rHWqxETUnBupICs6Ttxy0b7igdt4fJZE:k+gAp+FYYQKUM7JbI97ign4RZE

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks