General

  • Target

    7c48546577bbf96be55514f284de575bd332a1e3ad3285c1e9d228d88004d8b1

  • Size

    441KB

  • Sample

    241104-yhfn2awcre

  • MD5

    d8a8581959c21b6badf6ae695ae6dd1c

  • SHA1

    6f13d5884ad419bfca1ba36f6c9f83627d65b32d

  • SHA256

    7c48546577bbf96be55514f284de575bd332a1e3ad3285c1e9d228d88004d8b1

  • SHA512

    b92d22fe2707c231ccdea670233ada907a949c8c9f008444a8634b93b8c493882a8a309e9899e2d4ccb11d25ee46c162cfd80bd8580008e30b13234bafae0b71

  • SSDEEP

    6144:pWRvYkImF8hmIaBp5fv0WeTkJ0+W/l2LeFV9jz67Quc:uc45hX0VTklIl2LGn60uc

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • Target

      7c48546577bbf96be55514f284de575bd332a1e3ad3285c1e9d228d88004d8b1

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
