General

  • Target

    a4c237f736ced87643fb67db8c3f3161a1ea030d46a5e9356cd6ba5c1e27f155

  • Size

    433KB

  • Sample

    241104-y1bsssxamj

  • MD5

    2e9d13c31a4e0e59e28679cf815ba39d

  • SHA1

    e468410d359f80f8efb340449b7acdf8014e3d9a

  • SHA256

    a4c237f736ced87643fb67db8c3f3161a1ea030d46a5e9356cd6ba5c1e27f155

  • SHA512

    e17262a22b3a0bfb934fcb1daf4ce21d5f8a56ba8630bdb2d9b47c1bc143c60fc06cf9125a6070883fca5b1cd35ea9ccc6e755654745414edccbd040554fdd7f

  • SSDEEP

    6144:AdToZq3KGUE6ySWgZk589XDR8JuLLH2PRpm7oio4AylG8Tqpx:KTn4E6y+k58dGQX2PRpm7/o4AD8Tq/

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • Target

      a4c237f736ced87643fb67db8c3f3161a1ea030d46a5e9356cd6ba5c1e27f155

    • Size

      433KB

    • MD5

      2e9d13c31a4e0e59e28679cf815ba39d

    • SHA1

      e468410d359f80f8efb340449b7acdf8014e3d9a

    • SHA256

      a4c237f736ced87643fb67db8c3f3161a1ea030d46a5e9356cd6ba5c1e27f155

    • SHA512

      e17262a22b3a0bfb934fcb1daf4ce21d5f8a56ba8630bdb2d9b47c1bc143c60fc06cf9125a6070883fca5b1cd35ea9ccc6e755654745414edccbd040554fdd7f

    • SSDEEP

      6144:AdToZq3KGUE6ySWgZk589XDR8JuLLH2PRpm7oio4AylG8Tqpx:KTn4E6y+k58dGQX2PRpm7/o4AD8Tq/

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks