General

  • Target

    ec6e80d60a238ece790a3945438dc2cd27dccb850eaee21454e54b96aa20f533

  • Size

    394KB

  • Sample

    241104-3albrszbjg

  • MD5

    f48b80dc7b9469ffeb70698c7923a772

  • SHA1

    8d285cd8b5bf2b1ff8dc242cf9f959e9dbf0bf0d

  • SHA256

    ec6e80d60a238ece790a3945438dc2cd27dccb850eaee21454e54b96aa20f533

  • SHA512

    225a395f52deec0521b4710b5ecc53d0bfa05188fa3dcc0ee7dead09d48025dec5134b1e00927e101877fd2c1a32849d18a557731358522d598062939d77c8d6

  • SSDEEP

    6144:lPi6qmtILCIkpkM6TocNPoK6PoeZWubwJzOPajIJ+ZMabu0xJMan11zA:l6UWLHkp5In8wJkajQ+eVIJMaQ

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
