General

  • Target

    4ef8f5cb7185476c334ac0100682344f370d3d4d79e5292648f53d4af3acc966

  • Size

    434KB

  • Sample

    241105-jx1kesybrj

  • MD5

    f9bf8e7b95eb8c9e431cc74e0c478720

  • SHA1

    fcfa98f2f0bfcd338fe518a5c051560670f1fa5a

  • SHA256

    4ef8f5cb7185476c334ac0100682344f370d3d4d79e5292648f53d4af3acc966

  • SHA512

    3b8626e1233dbc0483eebf4c9bee7eb6a57dda69a55acec34134a145ca8e0d6f1f2fad63ccaecba83114c0d1f1cec7393a27946a653cd278532d1dad74db51f1

  • SSDEEP

    6144:MJTpi7bxjww3MK4zPcMZ4fPHsjcm8wldunH7qorYiQI/Q+VK1I:+ihF3QPXZ8sjfBlduneorYU/Q+V

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
