General

  • Target

    kiyan.exe

  • Size

    304KB

  • Sample

    241213-mmpa7avrfw

  • MD5

    44e17821665477b21d6c50cee97c84ef

  • SHA1

    4fc146790747758f49f1fd4375144f000099a6cb

  • SHA256

    5adac427a6eff8b0c1674c6095e2719d5ee46945fd4e397384af02b8ec691045

  • SHA512

    ab98a8151b41b56d7e59c375541c366df2f83c01ee26a5d1f079f74fb69eac4d229df62d3900eb8db6fd8cae1e420c21b7b9b2b3a44a8b135cb6659b6b70b6dc

  • SSDEEP

    3072:0q6EgY6iIrUjatQcwPBgGzXnuTAmthSKMFcZqf7D34teqiOLibBOP:fqY6iwwPZDnuTACh+FcZqf7DIXL

Malware Config

Extracted

Family

redline

C2

38.180.109.140:20007

Targets

    • Target

      kiyan.exe

    • Size

      304KB

    • MD5

      44e17821665477b21d6c50cee97c84ef

    • SHA1

      4fc146790747758f49f1fd4375144f000099a6cb

    • SHA256

      5adac427a6eff8b0c1674c6095e2719d5ee46945fd4e397384af02b8ec691045

    • SHA512

      ab98a8151b41b56d7e59c375541c366df2f83c01ee26a5d1f079f74fb69eac4d229df62d3900eb8db6fd8cae1e420c21b7b9b2b3a44a8b135cb6659b6b70b6dc

    • SSDEEP

      3072:0q6EgY6iIrUjatQcwPBgGzXnuTAmthSKMFcZqf7D34teqiOLibBOP:fqY6iwwPZDnuTACh+FcZqf7DIXL

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks