General

  • Target

    4bc491ae5c5cdd489f1fd13303a905591a121a5fd26ed8378918c4f8a13688f5

  • Size

    446KB

  • Sample

    241105-1zm6jsypas

  • MD5

    60cc65a8f2907bee22ef713bb477c4b8

  • SHA1

    1ab0f1dc99a26cdb797e990b6f6910f1b1ae4f97

  • SHA256

    4bc491ae5c5cdd489f1fd13303a905591a121a5fd26ed8378918c4f8a13688f5

  • SHA512

    e506a67d2b23a4cd2a37deff1c32bd16efcec5d9fa7a9ca3287b88fdf5edd3f6be07ec9e7947ed3999bcf6e56363ad1e93199704e2f8d1c02c9694dd38c3b439

  • SSDEEP

    6144:+YyWzDI3pZCdgaf62qT2Ew+34Ua66+u4jPBq2pjSKcGd56:Sv3p4KaEX34UJ6+uw5q2pjxd5

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes

  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15