General

  • Target

    00e47d0c8c4247a70e6a9a9847a6f76fe4a3eecdb38122ec21a245c69d4b6b1b

  • Size

    287KB

  • Sample

    241105-bltnqssbjj

  • MD5

    22d608244531bfbd06d8bc6a2e7edeb8

  • SHA1

    ceb9830da776e360b6fb584419d0edf2750cfa3e

  • SHA256

    00e47d0c8c4247a70e6a9a9847a6f76fe4a3eecdb38122ec21a245c69d4b6b1b

  • SHA512

    52c8fd29b9f1959adaccec66c340a6c28267d849c2854a92b82515ddd095ec3f9fcd00b6de82dca6feffc9098aa12f802ffb3ddf330559ff8033021a035cf40c

  • SSDEEP

    6144:Z8qL1ObqYbAiSCTmxTPj/0rtsvBS+5pTuzbgwuko6OB:mqcbquAGQTPgrtscURunnro6O

Malware Config

Extracted

  • Family

    redline

  • Botnet

    asia

  • C2

    45.9.20.240:46257

  • Attributes

      • auth_value

        218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
