General

  • Target

    808b6b3327327bc30d4f84feba7bd8eaa7831ffba625313659d6d77464c734e2

  • Size

    432KB

  • Sample

    241105-3p8qlssanr

  • MD5

    cb9ac6269d7006d822a59c0d3028c63f

  • SHA1

    e53a1c6a251514aec101c6599c9719e6b2bc0e3f

  • SHA256

    808b6b3327327bc30d4f84feba7bd8eaa7831ffba625313659d6d77464c734e2

  • SHA512

    44f4625df126b69b246c5d41bb9d579cd9f2aa49e05f3cb02624dc255bf7d70213c299d15fef8459560369443f5458b96505079c6570861db6eaea76c773c657

  • SSDEEP

    6144:JegQHXT3Kt595Gwa3jL/fhaCkIfyOR0iNHxzjK3mdDqkGs/QAB:J6Dat56webfhaCkIfldHxzm3mdVGs/Q

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • Target

      808b6b3327327bc30d4f84feba7bd8eaa7831ffba625313659d6d77464c734e2

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
