General

  • Target

    a0ea6ca2cf0e3384f878f99dc47163fbab508cecf717e8e6006af232078266b3

  • Size

    394KB

  • Sample

    241104-1xndjayaqg

  • MD5

    1002966f4572d98d2fe870b56de5667f

  • SHA1

    658add04137684afb63885d56cedb3348d8fdccf

  • SHA256

    a0ea6ca2cf0e3384f878f99dc47163fbab508cecf717e8e6006af232078266b3

  • SHA512

    598fb8fe2cf19b310511973656c9a52e6d98dbef0521a57ee2d56836c495f0cda99a56f1658ded7bd993a0c27d0a47ce838bc8f1b369bae8cfbf5d07742835c0

  • SSDEEP

    6144:lPi6qmtILCIkpkM6TocNPoK6PoeZWubwJzOPajIJ+ZMabu0xJMan11zA:l6UWLHkp5In8wJkajQ+eVIJMaQ

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
