General

  • Target

    21176941283d2aad4b0b138ca54cc4f2be79eded310e290c02bcd9ce628c78fa

  • Size

    434KB

  • Sample

    241105-2yk58szlct

  • MD5

    37af7635c74d8e573fcc2307d6e45ee9

  • SHA1

    ad9ae42c44fd34635c3492a132112b7b9bced397

  • SHA256

    21176941283d2aad4b0b138ca54cc4f2be79eded310e290c02bcd9ce628c78fa

  • SHA512

    6a5a0524fe0a9da52f652dec73a975acaf07c31ad916b58c9c43e22acbfd869e131e51f6a798c9bf31610f122de0505d9208d64fc0727f5d57bc597c8f71103b

  • SSDEEP

    12288:Yny46AqB/g47hhVOlv/L1wS3KpiT8nokS:1jR/9VDOlv/GxiTpkS

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1
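The hashes in the General section and the extracted C2 above are the two artifacts a responder actually pivots on: the hashes to confirm that a file pulled from a host is this sample, the C2 endpoint to find hosts that talked to it. The following script is an added example, not part of this report and not Triage's or RedLine's code. It carries the report's hashes and C2 into three checks: a per-algorithm hash comparison, a sweep over connection logs for the C2 address (exact-match on the IP, with the port deciding confidence, since an IP-only hit still deserves triage), and a Suricata rule for the C2. The log lines are constructed for the demonstration in a simple firewall-style format, and the rule's `sid` is a placeholder in the local-rule range; both are assumptions, not data from the page.

```python
import hashlib
import re
from typing import Iterable

# Indicators transcribed from the report above.
SAMPLE_HASHES = {
    "md5": "37af7635c74d8e573fcc2307d6e45ee9",
    "sha1": "ad9ae42c44fd34635c3492a132112b7b9bced397",
    "sha256": "21176941283d2aad4b0b138ca54cc4f2be79eded310e290c02bcd9ce628c78fa",
    "sha512": "6a5a0524fe0a9da52f652dec73a975acaf07c31ad916b58c9c43e22acbfd869e"
              "131e51f6a798c9bf31610f122de0505d9208d64fc0727f5d57bc597c8f71103b",
}
C2_HOST = "45.9.20.240"
C2_PORT = 46257
BOTNET = "asia"


def hash_bytes(data: bytes) -> dict:
    """Hash a file's contents with every algorithm the report lists."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in SAMPLE_HASHES}


def verify_sample(data: bytes, expected: dict = SAMPLE_HASHES) -> dict:
    """Per-algorithm comparison, so a single mismatch stays visible instead
    of being collapsed into one boolean. All four must agree for a match."""
    actual = hash_bytes(data)
    return {alg: actual[alg] == expected[alg].lower() for alg in expected}


# Constructed firewall-style line (an assumption, not a real log format):
# "<timestamp> src=<ip>:<port> dst=<ip>:<port> proto=<proto>"
_CONN_RE = re.compile(
    r"src=(?P<src>[\d.]+):(?P<sport>\d+)\s+dst=(?P<dst>[\d.]+):(?P<dport>\d+)"
)


def find_c2_hits(lines: Iterable[str]) -> list:
    """Return (source_ip, confidence, line) for connections to the C2.
    IP+port match is high confidence; IP-only is medium, because the
    destination IP is still the report's indicator even if the port moved.
    The IP is compared as a whole string so 45.9.200.240 does not match."""
    hits = []
    for line in lines:
        m = _CONN_RE.search(line)
        if not m or m["dst"] != C2_HOST:
            continue
        confidence = "high" if int(m["dport"]) == C2_PORT else "medium"
        hits.append((m["src"], confidence, line.strip()))
    return hits


def suricata_rule(sid: int = 1000001) -> str:
    """Network signature for the extracted C2. `sid` is a placeholder in the
    local-rule range; choose one that does not collide with your ruleset."""
    return (
        f'alert tcp $HOME_NET any -> {C2_HOST} {C2_PORT} '
        f'(msg:"RedLine C2 {C2_HOST}:{C2_PORT} botnet {BOTNET}"; '
        f'flow:to_server,established; classtype:trojan-activity; '
        f'sid:{sid}; rev:1;)'
    )


# Constructed log lines for the demonstration; not real telemetry.
SAMPLE_LOG = """\
2024-11-05T22:10:03Z src=10.0.0.15:51342 dst=142.250.72.14:443 proto=tcp
2024-11-05T22:10:41Z src=10.0.0.15:51360 dst=45.9.20.240:46257 proto=tcp
2024-11-05T22:11:02Z src=10.0.0.22:49811 dst=45.9.20.240:8080 proto=tcp
2024-11-05T22:11:30Z src=10.0.0.31:50221 dst=45.9.200.240:46257 proto=tcp
""".splitlines()

if __name__ == "__main__":
    for src, conf, line in find_c2_hits(SAMPLE_LOG):
        print(f"[{conf}] {src}  {line}")
    print(suricata_rule())
    # Replace the placeholder bytes with the contents of a suspect file.
    print(verify_sample(b"not the sample"))
```

Run against real data by feeding `find_c2_hits` the lines of your connection log (after adapting the regex to its format) and `verify_sample` the bytes of the suspect file; only a file whose four digests all match the report is this sample.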

Targets

    • Target

      21176941283d2aad4b0b138ca54cc4f2be79eded310e290c02bcd9ce628c78fa

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks