General

  • Target

    fd94b69070967c1c11e437a839af0af32ab9a187e0a4de4ebcf1ead0d45bf126

  • Size

    433KB

  • Sample

    241104-z6bwesxelb

  • MD5

    867683c45d9b15a3b098cb8650610c92

  • SHA1

    a909d8ad8dcd5d070eccc4f70c8d2afa4adc5eb7

  • SHA256

    fd94b69070967c1c11e437a839af0af32ab9a187e0a4de4ebcf1ead0d45bf126

  • SHA512

    adce4f165f9d107d9323799f3a987d0a2f61b19902f25afcf0ea569f89a877e1e0bbd88df0949f26358b7b9d685e87aa8f964050fcb9c48362e5487af3f29009

  • SSDEEP

    12288:A23qDw0q1u4suLA7OTxt05stpu9fobrhJuGHlA:ACqcpZJLA762evuihb

Malware Config

Extracted

  • Family

    redline

  • Botnet

    asia

  • C2

    45.9.20.240:46257

  • Attributes

    auth_value: 218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks