General

  • Target

    177f855a396f1cdfeeb65999a640d504c0e70b139d104133b770f18f08c65fd0

  • Size

    446KB

  • Sample

    241105-1d9gnazcpr

  • MD5

    486cc809eb997988f2e093524a659d41

  • SHA1

    5aaec1a18e8a27e01b7b0bd4d9f5d3703d6cc3b6

  • SHA256

    177f855a396f1cdfeeb65999a640d504c0e70b139d104133b770f18f08c65fd0

  • SHA512

    7bee2fdbbb3186a5490f0304d31246d33bacea6275f59e45de7dc2908b23b0bd02c3209cc5ce32fcd313d5c10029598a415e25d4d2846482516d2b4e725e8370

  • SSDEEP

    6144:eg+lNH+X9g4imz2aXhFynFk5wrarFSv0Ytn33CXjIi5xLS6xP5Of8CqK:E3vmz2UyO5yarIcc33CTv5xLnxOf

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
