General

  • Target

    a4e23c5a43fa8b748d2ed928d2c7f03cc1845aa2335050af41546297a91aadcf

  • Size

    434KB

  • Sample

    241105-3shnlazrbs

  • MD5

    d2445451c127358dbc0a61d812f5563d

  • SHA1

    b55000f303706cad4b9e8628a5d1ffbd30a1f647

  • SHA256

    a4e23c5a43fa8b748d2ed928d2c7f03cc1845aa2335050af41546297a91aadcf

  • SHA512

    45f277bdc96bd2d45ef1fc3421d24de10d7970b5a8ca6115734e0628a10a67368f9d812af61116f1bf62657ba3bb585a599f06f98d6f32bb61027719ec0b23de

  • SSDEEP

    12288:OIVUIC/qcIs72/cPQIInQAoqMQdds+4R:OKUIC/2CPQVQdW3

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks