General

  • Target

    5b40e54e6b24f690ac8d7ea78db17c53d58f2b5258eaaf5607516af65cf79f29

  • Size

    433KB

  • Sample

    241105-k512laxpfs

  • MD5

    468131ce71347c232428cd489c0a82ce

  • SHA1

    b3cb10195e8b1e121647e947efb379b1b4705adb

  • SHA256

    5b40e54e6b24f690ac8d7ea78db17c53d58f2b5258eaaf5607516af65cf79f29

  • SHA512

    a60b78822f352b955f361a3f45d49cc729a990555a4f4e1abcac7012c2fec9405cf32b28d594f63290234decfd8d7082e44b72e5226c87442e648c32509a32c7

  • SSDEEP

    12288:e1XjK6akObaCR71RWmXgYCR7Veo8R3T/+8NpKS:eak4J1LqA9+Ch

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes

  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • Target

      5b40e54e6b24f690ac8d7ea78db17c53d58f2b5258eaaf5607516af65cf79f29

    • Size

      433KB

    • MD5

      468131ce71347c232428cd489c0a82ce

    • SHA1

      b3cb10195e8b1e121647e947efb379b1b4705adb

    • SHA256

      5b40e54e6b24f690ac8d7ea78db17c53d58f2b5258eaaf5607516af65cf79f29

    • SHA512

      a60b78822f352b955f361a3f45d49cc729a990555a4f4e1abcac7012c2fec9405cf32b28d594f63290234decfd8d7082e44b72e5226c87442e648c32509a32c7

    • SSDEEP

      12288:e1XjK6akObaCR71RWmXgYCR7Veo8R3T/+8NpKS:eak4J1LqA9+Ch

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks