General

  • Target

    5970285b95fa2d64b962804274013b6957eccc4cb71fda0d026240c8588073b8

  • Size

    293KB

  • Sample

    241105-3twlvasbkm

  • MD5

    babd5bb90ac148da50624603b889e79e

  • SHA1

    cedcc1eb7922c91c315a0cac63eefb878f032f84

  • SHA256

    5970285b95fa2d64b962804274013b6957eccc4cb71fda0d026240c8588073b8

  • SHA512

    95e1c43e290fd4cebeb53225f04b79a2e87d0db740d1836dc4b069c4d8a16d4d65fabb2ef26e59145ed250600d39d973527eb956f6c58180f5bc774b4844e538

  • SSDEEP

    6144:CLaS0U0uK3XyxqmFnNfEkUM8M+ShuSz6abPuzbgwuvjB:CuS0Uqn+FGk/8Mfh5OWunn0

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.168:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • Target

      5970285b95fa2d64b962804274013b6957eccc4cb71fda0d026240c8588073b8

    • Size

      293KB

    • MD5

      babd5bb90ac148da50624603b889e79e

    • SHA1

      cedcc1eb7922c91c315a0cac63eefb878f032f84

    • SHA256

      5970285b95fa2d64b962804274013b6957eccc4cb71fda0d026240c8588073b8

    • SHA512

      95e1c43e290fd4cebeb53225f04b79a2e87d0db740d1836dc4b069c4d8a16d4d65fabb2ef26e59145ed250600d39d973527eb956f6c58180f5bc774b4844e538

    • SSDEEP

      6144:CLaS0U0uK3XyxqmFnNfEkUM8M+ShuSz6abPuzbgwuvjB:CuS0Uqn+FGk/8Mfh5OWunn0

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks