General

  • Target: fed86565bc163e59a8d3d485955ea62d33c0635f586b6b7d080b8501d9ae5d5b
  • Size: 433KB
  • Sample: 241105-lwrl8s1pfm
  • MD5: 0e2f0de38c30ce8121105d538c138723
  • SHA1: d4fdd638944953f6c6279162d951b5f11b7827f1
  • SHA256: fed86565bc163e59a8d3d485955ea62d33c0635f586b6b7d080b8501d9ae5d5b
  • SHA512: a7ab15da6c4646ea9820fa81d9184fa31780f06887618e42812502fbbc0e99c58612b53c33defc29ba8cd2cdc56afab9ccf7a130b81c928b7837db0f89377778
  • SSDEEP: 12288:A23qDw0q1u4suLA7OTxt05stpu9fobrhJuGHlA:ACqcpZJLA762evuihb

Malware Config

Extracted

  • Family: redline
  • Botnet: asia
  • C2: 45.9.20.240:46257
  • Attributes
      • auth_value: 218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
    • RedLine payload
    • Redline family

MITRE ATT&CK Enterprise v15

Tasks