General

  • Target

    e49e537f5d37c1c4564f74d9f69cd9ff32da1930eb364ccd2d6003b4f3497e9f

  • Size

    434KB

  • Sample

    241105-2ach7azcre

  • MD5

    d913f6421b8fd4ec0963906ad67ea00b

  • SHA1

    083fd6ba4623febc5d3bea33a21a8cce993874a0

  • SHA256

    e49e537f5d37c1c4564f74d9f69cd9ff32da1930eb364ccd2d6003b4f3497e9f

  • SHA512

    3f757950f1dd6063e34092b55ad4bdd6664aa9f2e5441b39bbb5abf8e688b2cf090528e5307ab83962baacb4cf352e5df167904351889823e2a40f3473e5d286

  • SSDEEP

    6144:Hr0QYxhADcxG776qrJvzPkAoaTCoWYCYe7oBAimyA0L2Zv:L0Q4hIcM7+0v7kN0CjYCYcoBAsA0L2p

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • Target

      e49e537f5d37c1c4564f74d9f69cd9ff32da1930eb364ccd2d6003b4f3497e9f

    • Size

      434KB

    • MD5

      d913f6421b8fd4ec0963906ad67ea00b

    • SHA1

      083fd6ba4623febc5d3bea33a21a8cce993874a0

    • SHA256

      e49e537f5d37c1c4564f74d9f69cd9ff32da1930eb364ccd2d6003b4f3497e9f

    • SHA512

      3f757950f1dd6063e34092b55ad4bdd6664aa9f2e5441b39bbb5abf8e688b2cf090528e5307ab83962baacb4cf352e5df167904351889823e2a40f3473e5d286

    • SSDEEP

      6144:Hr0QYxhADcxG776qrJvzPkAoaTCoWYCYe7oBAimyA0L2Zv:L0Q4hIcM7+0v7kN0CjYCYcoBAsA0L2p

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks