General

  • Target

    7537cfbc68cc44bb872f07ecf5eeb85b0256c2854fe634b82235037b62e9641f

  • Size

    394KB

  • Sample

    241104-wrzr6axldm

  • MD5

    c79d0f35a71588c470de6197ec3fbc00

  • SHA1

    5e92e9ea083390c153b4fe98b5014c83a7ed4824

  • SHA256

    7537cfbc68cc44bb872f07ecf5eeb85b0256c2854fe634b82235037b62e9641f

  • SHA512

    049906864b87fc97758842635627ba32679a4bb0725c2d61e6a50aef212caad1fc1861e7b9da31503482835c6aee96df29323f5d7371ee98adbf95bcce26f8ab

  • SSDEEP

    6144:lPi6qmtILCIkpkM6TocNPoK6PoeZWubwJzOPajIJ+ZMabu0xJMan11zA:l6UWLHkp5In8wJkajQ+eVIJMaQ

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
