General

  • Target

    db6bf90c084f63fb9dc80c599519d8267bab32a47e0af38836e98b90ee0ae5d1

  • Size

    434KB

  • Sample

    241104-zthhfawqbt

  • MD5

    01a06351e471f9bad2dd779b563acb8e

  • SHA1

    ead5cb065122d5f18fab919c6dde0861edec8221

  • SHA256

    db6bf90c084f63fb9dc80c599519d8267bab32a47e0af38836e98b90ee0ae5d1

  • SHA512

    c8de95a71d29b8ed6b46d21f785b1059a3b0aa7f80342f848fdddb9b2aa0f04c871f711ca75ff72f7cc055c8663fbfc112c4ee4489d6c1a267a7400a032b5507

  • SSDEEP

    6144:IA/r6ksws1/whwnCWCDmV344pWNE20JvHoinidCso6URDkp6:J/rroDCWeW7sE20JPoinnso6UdK

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
