General

  • Target

    aa512c739b3f0965a65b7f4f3369e9dffb2763aeb1726cb171a596042bdccb79.exe

  • Size

    442KB

  • Sample

    241123-xgejxazrht

  • MD5

    c8f43a26a15a7122db0e7442d5d3215b

  • SHA1

    43967ef38e11f9627ce6487ff20f2285c64b329a

  • SHA256

    aa512c739b3f0965a65b7f4f3369e9dffb2763aeb1726cb171a596042bdccb79

  • SHA512

    a52545427e6d7790eeb4350761ec124a89ab396567ac354263e0a15d7580d160bb0ea1f70bf948e33f5cea3ca43e32e513cddfd577d71de71f8ee1492c13b087

  • SSDEEP

    12288:hvp5AVrf4/wXiFq9XZH5DcwKLD7r3UpZ3Q:hROXi4tXKX7rkHA

Malware Config

Extracted

Family

redline

Botnet

paladin

C2

193.150.103.37:29118

Attributes

  • auth_value

    f27db372188045eefdf974196ead3dae
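Added example, not part of the sandbox report or of any RedLine tooling: it takes the hashes, ssdeep signature, C2 address and auth_value listed above as an IOC bundle, verifies a local file against the digests, splits the ssdeep signature into its blocksize and chunks, and runs the C2 and hash checks over a few constructed Sysmon-style key=value lines. The log layout, the file paths and the 203.0.113.10 address are assumptions made for the example; an exact ip:port match is reported separately from a match on the C2 address alone, since the latter is weaker evidence.

```python
"""Build an IOC bundle from the report's extracted RedLine config and hashes,
then run it over constructed log lines. Added example, not part of the report."""
import hashlib
import ipaddress
import re

# Indicators copied from the sandbox report above.
SAMPLE_HASHES = {
    "md5": "c8f43a26a15a7122db0e7442d5d3215b",
    "sha1": "43967ef38e11f9627ce6487ff20f2285c64b329a",
    "sha256": "aa512c739b3f0965a65b7f4f3369e9dffb2763aeb1726cb171a596042bdccb79",
}
SSDEEP = "12288:hvp5AVrf4/wXiFq9XZH5DcwKLD7r3UpZ3Q:hROXi4tXKX7rkHA"
C2 = "193.150.103.37:29118"
BOTNET = "paladin"
AUTH_VALUE = "f27db372188045eefdf974196ead3dae"  # pivot key across reports of the same build


def parse_ssdeep(sig):
    """Split 'blocksize:chunk:double_chunk'; ssdeep only compares signatures
    whose blocksizes are equal or differ by a factor of two."""
    blocksize, chunk, double_chunk = sig.split(":", 2)
    return int(blocksize), chunk, double_chunk


def parse_c2(c2):
    """Validate 'ip:port' from the config before using it as a detection key."""
    host, port = c2.rsplit(":", 1)
    ipaddress.ip_address(host)  # ValueError on anything that is not an address
    port = int(port)
    if not 0 < port < 65536:
        raise ValueError(f"port out of range: {port}")
    return host, port


def ioc_bundle():
    """Flat dict of everything the report gives us, ready for a watchlist."""
    host, port = parse_c2(C2)
    return {"family": "redline", "botnet": BOTNET, "c2_host": host,
            "c2_port": port, "auth_value": AUTH_VALUE, **SAMPLE_HASHES}


def file_hashes(data):
    """Same digests the report lists, for checking a local file against it."""
    return {
        "md5": hashlib.md5(data, usedforsecurity=False).hexdigest(),
        "sha1": hashlib.sha1(data, usedforsecurity=False).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def matches_sample(data):
    """True only if every digest agrees with the report."""
    got = file_hashes(data)
    return all(got[k] == v for k, v in SAMPLE_HASHES.items())


KV_RE = re.compile(r"(\w+)=(\S+)")  # assumed key=value log layout, no spaces in values


def scan(lines):
    """Return (index, verdict, image) for lines matching the C2 or the sample hashes."""
    host, port = parse_c2(C2)
    hits = []
    for i, line in enumerate(lines):
        ev = dict(KV_RE.findall(line))
        if ev.get("EventID") == "3" and ev.get("DestinationIp") == host:
            # Exact ip:port is the extracted C2; the address alone on another
            # port is weaker evidence, so it gets its own verdict.
            exact = ev.get("DestinationPort") == str(port)
            hits.append((i, "c2_connection" if exact else "c2_host_other_port", ev.get("Image")))
        elif ev.get("EventID") == "1" and "Hashes" in ev:
            hashes = {k.lower(): v.lower()
                      for k, v in (p.split("=", 1) for p in ev["Hashes"].split(","))}
            if any(hashes.get(k) == v for k, v in SAMPLE_HASHES.items()):
                hits.append((i, "known_sample", ev.get("Image")))
    return hits


# Constructed Sysmon-style lines (EventID 1 = process create, 3 = network connect);
# 203.0.113.10 is a documentation address and the paths are invented.
LOG_LINES = [
    "EventID=3 Image=C:\\Users\\alice\\AppData\\Local\\Temp\\update.exe DestinationIp=193.150.103.37 DestinationPort=29118",
    "EventID=3 Image=C:\\Windows\\System32\\svchost.exe DestinationIp=203.0.113.10 DestinationPort=443",
    "EventID=1 Image=C:\\Users\\alice\\Downloads\\setup.exe Hashes=SHA256=AA512C739B3F0965A65B7F4F3369E9DFFB2763AEB1726CB171A596042BDCCB79,MD5=C8F43A26A15A7122DB0E7442D5D3215B",
    "EventID=3 Image=C:\\Apps\\sync.exe DestinationIp=193.150.103.37 DestinationPort=443",
]

if __name__ == "__main__":
    print(parse_ssdeep(SSDEEP))
    for hit in scan(LOG_LINES):
        print(hit)
```

Hash values in logs are normalised to lower case before comparison, because Sysmon and many EDRs emit them upper case while sandbox reports list them lower case; a case-sensitive match would silently miss the sample.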

Targets

    • Target

      aa512c739b3f0965a65b7f4f3369e9dffb2763aeb1726cb171a596042bdccb79.exe

    • Size

      442KB

    • MD5

      c8f43a26a15a7122db0e7442d5d3215b

    • SHA1

      43967ef38e11f9627ce6487ff20f2285c64b329a

    • SHA256

      aa512c739b3f0965a65b7f4f3369e9dffb2763aeb1726cb171a596042bdccb79

    • SHA512

      a52545427e6d7790eeb4350761ec124a89ab396567ac354263e0a15d7580d160bb0ea1f70bf948e33f5cea3ca43e32e513cddfd577d71de71f8ee1492c13b087

    • SSDEEP

      12288:hvp5AVrf4/wXiFq9XZH5DcwKLD7r3UpZ3Q:hROXi4tXKX7rkHA

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks