General

  • Target

    5b84f06c817a2fdba144d81843e46e2db0ceb331b2a9e1fc4041107b60050a22

  • Size

    394KB

  • Sample

    241104-x8zn6aykgk

  • MD5

    ec84015ca666d8ca328fc1f2e28d2e32

  • SHA1

    48a5aa5d8dabd5f6ead302e97721687c12673956

  • SHA256

    5b84f06c817a2fdba144d81843e46e2db0ceb331b2a9e1fc4041107b60050a22

  • SHA512

    9479b490a232dd99edc957ab256c4d2718d5bc857f4d4347e227ddf22f1feb287724e19a1741334a332d0c3305a243250ed7cc7d68053d5e83cf1e7b89d69784

  • SSDEEP

    6144:lPi6qmtILCIkpkM6TocNPoK6PoeZWubwJzOPajIJ+ZMabu0xJMan11zA:l6UWLHkp5In8wJkajQ+eVIJMaQ

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • Target

      5b84f06c817a2fdba144d81843e46e2db0ceb331b2a9e1fc4041107b60050a22

    • Size

      394KB

    • MD5

      ec84015ca666d8ca328fc1f2e28d2e32

    • SHA1

      48a5aa5d8dabd5f6ead302e97721687c12673956

    • SHA256

      5b84f06c817a2fdba144d81843e46e2db0ceb331b2a9e1fc4041107b60050a22

    • SHA512

      9479b490a232dd99edc957ab256c4d2718d5bc857f4d4347e227ddf22f1feb287724e19a1741334a332d0c3305a243250ed7cc7d68053d5e83cf1e7b89d69784

    • SSDEEP

      6144:lPi6qmtILCIkpkM6TocNPoK6PoeZWubwJzOPajIJ+ZMabu0xJMan11zA:l6UWLHkp5In8wJkajQ+eVIJMaQ

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks