General

  • Target

    20f5cc4c6efe145860b1e99943a4accd0f9cc496768bf4ae050e3c274896a792

  • Size

    394KB

  • Sample

    241104-wqpkssvbjh

  • MD5

    148174752a471b756c1702bb3d59634f

  • SHA1

    d4c662ec944c1fe57547eafbb5ca29debf5f7396

  • SHA256

    20f5cc4c6efe145860b1e99943a4accd0f9cc496768bf4ae050e3c274896a792

  • SHA512

    1ce4bc9974ff095fc87c5a6d582edfe6d04ac79048389b6e817db45352cfdf73df181607cd07690c643d57c7f242a68fc9920df30e20c9b32624452414634592

  • SSDEEP

    6144:lPi6qmtILCIkpkM6TocNPoK6PoeZWubwJzOPajIJ+ZMabu0xJMan11zA:l6UWLHkp5In8wJkajQ+eVIJMaQ

Malware Config

Extracted

  • Family

    redline

  • Botnet

    asia

  • C2

    45.9.20.240:46257

  • Attributes

    • auth_value

      218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks