General

  • Target

    4d596c400beeffb1e60956e479a8b9e6e8ddd6bb91b76ecba9c8e5d83d8ec1a0

  • Size

    432KB

  • Sample

    241104-1qm47aydjl

  • MD5

    e79c222d57b52096b1e9448c47022b4e

  • SHA1

    18cf2ee5090a4f6ffd01299aa537e52f5bfd129d

  • SHA256

    4d596c400beeffb1e60956e479a8b9e6e8ddd6bb91b76ecba9c8e5d83d8ec1a0

  • SHA512

    30c53ee5e13da8ec997e1425ad917038213882b46d61409c10e8af952148158e629a2db702137566b2b5db5842194c890178ab3aebe083fd7e07547c6fb4f38d

  • SSDEEP

    6144:yGO9Zbg+pdyt8LlZuPpTOl2eV7pw5fq22bM0harV83KpzZWK3g2tF0:VO91g+pdytWZucV2E3harS3KpMK3g2T

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • Target

      4d596c400beeffb1e60956e479a8b9e6e8ddd6bb91b76ecba9c8e5d83d8ec1a0

    • Size

      432KB

    • MD5

      e79c222d57b52096b1e9448c47022b4e

    • SHA1

      18cf2ee5090a4f6ffd01299aa537e52f5bfd129d

    • SHA256

      4d596c400beeffb1e60956e479a8b9e6e8ddd6bb91b76ecba9c8e5d83d8ec1a0

    • SHA512

      30c53ee5e13da8ec997e1425ad917038213882b46d61409c10e8af952148158e629a2db702137566b2b5db5842194c890178ab3aebe083fd7e07547c6fb4f38d

    • SSDEEP

      6144:yGO9Zbg+pdyt8LlZuPpTOl2eV7pw5fq22bM0harV83KpzZWK3g2tF0:VO91g+pdytWZucV2E3harS3KpMK3g2T

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks