General

  • Target

    5fe1b6b7299f7da67ad689a2eae96a6f8c3ad417ec990819eb740f1bb2587b98

  • Size

    433KB

  • Sample

    241105-arw6da1dqn

  • MD5

    735888fe3ce9947b5fc179021de24c78

  • SHA1

    0f73b73237066b408c0d0eac29a4fe16f30c10d7

  • SHA256

    5fe1b6b7299f7da67ad689a2eae96a6f8c3ad417ec990819eb740f1bb2587b98

  • SHA512

    800727e648539cec34ce7b9c2bed080c9f2a545b49066c9c7ec085ea1ae82635541f4611dddcc4ab4cb89dbdf2b43a510ffbe37255c80bd3ef44b2de81213a46

  • SSDEEP

    12288:e1XjK6akObaCR71RWmXgYCR7Veo8R3T/+8NpKS:eak4J1LqA9+Ch

Malware Config

Extracted

  • Family

    redline

  • Botnet

    asia

  • C2

    45.9.20.240:46257

  • Attributes

    • auth_value

      218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
