General

  • Target

    668ab2d46127320315e752bef77422984d2fb911a639fe526a5c5981afc74d72

  • Size

    434KB

  • Sample

    241104-3whsrszenb

  • MD5

    766d5844999cb40f13fabb0b0015ed46

  • SHA1

    55aee67f9aace89fd36e98122eaf8c333db25727

  • SHA256

    668ab2d46127320315e752bef77422984d2fb911a639fe526a5c5981afc74d72

  • SHA512

    65c6ba5226cc418bb9e1477ba1b6dcfe677044d1237eff8a52d477c5a66b51b2c3902c9325438796017f44949b63290fb51342111655a41c8062530efc6406e6

  • SSDEEP

    6144:IA/r6ksws1/whwnCWCDmV344pWNE20JvHoinidCso6URDkp6:J/rroDCWeW7sE20JPoinnso6UdK

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • Target

      668ab2d46127320315e752bef77422984d2fb911a639fe526a5c5981afc74d72

    • Size

      434KB

    • MD5

      766d5844999cb40f13fabb0b0015ed46

    • SHA1

      55aee67f9aace89fd36e98122eaf8c333db25727

    • SHA256

      668ab2d46127320315e752bef77422984d2fb911a639fe526a5c5981afc74d72

    • SHA512

      65c6ba5226cc418bb9e1477ba1b6dcfe677044d1237eff8a52d477c5a66b51b2c3902c9325438796017f44949b63290fb51342111655a41c8062530efc6406e6

    • SSDEEP

      6144:IA/r6ksws1/whwnCWCDmV344pWNE20JvHoinidCso6URDkp6:J/rroDCWeW7sE20JPoinnso6UdK

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks