General

  • Target

    851f5e3fc5aad87c89ad31afa6702efd6d6bc409adaf0ce3ff0e2d683decd495

  • Size

    434KB

  • Sample

    241105-ag9nqaspgn

  • MD5

    bfcad657bdbb0b6fb4c8bb89a82e5f1b

  • SHA1

    2d10ca367ea2ed3fa8e3deb45fdd17b7b8b87ffc

  • SHA256

    851f5e3fc5aad87c89ad31afa6702efd6d6bc409adaf0ce3ff0e2d683decd495

  • SHA512

    60ebcf726370af6357c585523335843fb4b26ac3e44b9ad95e73bcddd3147ecf2b5a10086e94df9e9f345a36b6747678cc08bcd660f5bc8323244dba6b37e0e9

  • SSDEEP

    6144:Hr0QYxhADcxG776qrJvzPkAoaTCoWYCYe7oBAimyA0L2Zv:L0Q4hIcM7+0v7kN0CjYCYcoBAsA0L2p

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
