General

  • Target

    78eec9f3b2b63bd608d7f03faa512ad6fe82d533ef762e763e3c456eee1d968d

  • Size

    446KB

  • Sample

    241105-24z7catker

  • MD5

    12f99d25131df3d82f076d5b2466bf75

  • SHA1

    ea58441efdcf5cfd6a2268367307bb33a6b6ee0c

  • SHA256

    78eec9f3b2b63bd608d7f03faa512ad6fe82d533ef762e763e3c456eee1d968d

  • SHA512

    bac3ac2913663d072f0a8f7d3badf7f0817fbfc78b9a4f7738a525592217c8968b1140eef80e67469b46e31df4a757127435c6bcd56ba29df9bd9f978e30b1c4

  • SSDEEP

    6144:eg+lNH+X9g4imz2aXhFynFk5wrarFSv0Ytn33CXjIi5xLS6xP5Of8CqK:E3vmz2UyO5yarIcc33CTv5xLnxOf

Malware Config

Extracted

  • Family

    redline

  • Botnet

    asia

  • C2

    45.9.20.240:46257

  • Attributes

      • auth_value

        218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
