General

  • Target

    fc7d0cdf504c6423a38819c00f157f061d576ba6d913d09d74816271446f15a7

  • Size

    432KB

  • Sample

    241104-xpmv9axrak

  • MD5

    725f6f6e81b14e1644afbf46d3f862ae

  • SHA1

    32c03ed2c2b8d9ff84434f03b9620e74932955ec

  • SHA256

    fc7d0cdf504c6423a38819c00f157f061d576ba6d913d09d74816271446f15a7

  • SHA512

    1f4b9f4cb6a7e00d3b75a7594909d004854da50624817afc8022ea20ddd4497aed1de19653d42ddfe2498774ba31d48844fe3cf49c5dcebf579fd808ac2170be

  • SSDEEP

    6144:yGO9Zbg+pdyt8LlZuPpTOl2eV7pw5fq22bM0harV83KpzZWK3g2tF0:VO91g+pdytWZucV2E3harS3KpMK3g2T

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
