General

  • Target

    5559386365d7c2954a40e79ecabd8d08f27f5c93f97dd34b540774731e470e69

  • Size

    394KB

  • Sample

    241105-2ds1casnfp

  • MD5

    d7170da5f1d03fa702951f51af92333b

  • SHA1

    077c313ce4be693a3d2ace4bcfb963f1b9f65362

  • SHA256

    5559386365d7c2954a40e79ecabd8d08f27f5c93f97dd34b540774731e470e69

  • SHA512

    845706918164dc0f95736f2eabade5df0259434d84e095abd9a0004812b8f0b68a8c26a0042a16a507597cc9dbb5c262e138e41714ec6bfa63604cc1b07bcf87

  • SSDEEP

    6144:lPi6qmtILCIkpkM6TocNPoK6PoeZWubwJzOPajIJ+ZMabu0xJMan11zA:l6UWLHkp5In8wJkajQ+eVIJMaQ

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
