General

  • Target

    edeb85373456d153f787c28a72518b961db93a51a30202b4aba179a00fef2ff6

  • Size

    394KB

  • Sample

    241104-zh16eazkam

  • MD5

    902d5847bd0e998bd71df8a410834b20

  • SHA1

    4ee553b53261f8802d5422c4ca772876aff4aa49

  • SHA256

    edeb85373456d153f787c28a72518b961db93a51a30202b4aba179a00fef2ff6

  • SHA512

    1a822a35582d9a4a048de7b624e4ba4fc33ac18c59b67cc06c820a4f4a9fbabe0a0b4a8dede59caa6c61c49e3744a99c10cdce044338ab6605e5d2c2d3066b14

  • SSDEEP

    6144:lPi6qmtILCIkpkM6TocNPoK6PoeZWubwJzOPajIJ+ZMabu0xJMan11zA:l6UWLHkp5In8wJkajQ+eVIJMaQ

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • Target

      edeb85373456d153f787c28a72518b961db93a51a30202b4aba179a00fef2ff6

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks