General

  • Target

    aba4f87de320c6f572471df255c7f01edf0fc73d75725033ee622e44417c8118

  • Size

    273KB

  • Sample

    241105-2376ka1eqp

  • MD5

    324c052a9fd2c3aa4c2f8302361b972d

  • SHA1

    3a4c542adc0606f6a140cb915ea1fbf7ee7a9a84

  • SHA256

    aba4f87de320c6f572471df255c7f01edf0fc73d75725033ee622e44417c8118

  • SHA512

    aeb05136b8b38e4950407983cb22c5652c8bc8e0ab7cff21460f5738bd831689cb1c73d9f14397f29b2048c571e21ec86aea9a37396b70e3a04d8795a863bc69

  • SSDEEP

    6144:j8qL1OPq9S9LzZB4z16XgrVVED7jgxr23r3VwGB:oqcPq9S1ZB4z1+grAD3gxib9

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
