General

  • Target

    1a3bd993ec559b6a475751e7cf20b0bb728099b961eb61d47347e2a29e8ac4f1

  • Size

    434KB

  • Sample

    241105-krhm4axhqg

  • MD5

    92767ca7edc0dc55e9c849282c81190d

  • SHA1

    3ecb4a871202d7f36ffa87d3c1c580b416925af1

  • SHA256

    1a3bd993ec559b6a475751e7cf20b0bb728099b961eb61d47347e2a29e8ac4f1

  • SHA512

    812b1dbd546e8120b03cba1cb5e840f524ae34c43613b6f6560c436bfb708c7fb6a9ba4ca1b8f499834bf44b572cae1dac6db87a0635df66c70d855f8417ac45

  • SSDEEP

    6144:jT+p2+wmSFThVQdmWGwMLqlhC5wvsu6GZcfo0Hz21OOuq0tc+o:Pw6FHimWrJhC5Osu6G6fo0HzLOuq0tj

Malware Config

Extracted

  • Family

    redline

  • Botnet

    asia

  • C2

    45.9.20.240:46257

  • Attributes

    auth_value: 218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks