General

  • Target

    bb57ed14fec2b6000d7d696c683cf26855e4e25ff101cc1594d6893f0706b1d4

  • Size

    274KB

  • Sample

    241105-j32dxazpen

  • MD5

    c8d8b8c9f81c7745b1cefef723057d64

  • SHA1

    3c21bbe3aa203f7e8880aa9eaaa423010993b620

  • SHA256

    bb57ed14fec2b6000d7d696c683cf26855e4e25ff101cc1594d6893f0706b1d4

  • SHA512

    37f7f7ddd3fb4adcd01ca4cf7afdd8d265479d020353d4962b3a3ee59de2989009f1e8d5f2de68fe90111397e649c10c7fa0dd68b5e7e9412981fa091cca69f2

  • SSDEEP

    6144:3OzLoJazKULP9wHZZNQHnjSGWLSioSEIYR/mJekTfj4B:ezUJa3p0NQHGSwNYR+BTc

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes

  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks