General

  • Target

    dc03566e33697aeab4a6d2e4443dc536cdd87e18f4ac396d8a86a67b1bd68187

  • Size

    293KB

  • Sample

    241105-m6xrnssmgj

  • MD5

    8b93276b0299712aede6246df0d8f622

  • SHA1

    1e107b3bb84d1def34c1f4c7d15b4a77d286a2ab

  • SHA256

    dc03566e33697aeab4a6d2e4443dc536cdd87e18f4ac396d8a86a67b1bd68187

  • SHA512

    825fd137189aa793d3f14b98881d82e53a8414df5627ab3624f544cecd2007a33cc72ccccfb238de32f561095428ca72b6b8d4a7f37e68bf65ba7f987c5a1dd0

  • SSDEEP

    6144:CLaS0U0uK3XyxqmFnNfEkUM8M+ShuSz6abPuzbgwuvjB:CuS0Uqn+FGk/8Mfh5OWunn0

Malware Config

Extracted

  • Family

    redline

  • Botnet

    asia

  • C2

    45.9.20.168:46257

  • Attributes

    auth_value: 218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks