General

  • Target

    61086e84176c9ee8982816ccd390d60dc3af6ba00c55e3f85ed16a94c386bcf1

  • Size

    252KB

  • Sample

    241105-k1bada1kdk

  • MD5

    455085d1229b29664fa57fcd3d589b0b

  • SHA1

    f214dbb752a94c539a25b8a039e67eb62a3cdb03

  • SHA256

    61086e84176c9ee8982816ccd390d60dc3af6ba00c55e3f85ed16a94c386bcf1

  • SHA512

    f8f1995faa5eff45fd4e9e80ae10d04eb04c8d623e5a6c7813e749f64ee489534df05200fbf99dddace9fd786498f28dd1a7448382b7c16ec3b9fb25a4ea7d35

  • SSDEEP

    6144:iHL5GYhcaac9d/k1TTLPrg+8D0B4VR+ILuO8lNfunXMhzWyB:wlGgcusTTv0VR+IL+lNfun8lWy

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • Target

      61086e84176c9ee8982816ccd390d60dc3af6ba00c55e3f85ed16a94c386bcf1

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
