General

  • Target

    f912a130f182250fc225f300010536747be594108713ced268cc55e46c56819b

  • Size

    432KB

  • Sample

    241105-mpxekszbkg

  • MD5

    7a9085a5bb5ede5c8b0d27c8498191c2

  • SHA1

    5a4226d3c2b51d06ddb9d314a2a6e7c8ae30f85c

  • SHA256

    f912a130f182250fc225f300010536747be594108713ced268cc55e46c56819b

  • SHA512

    d07954957b7f11392698ab94abf0ccc1af6c9c9fa44bf44325568f1a11d2761f7386a284037331a874cb9144077abda10ee20e1bb9305e8edf7991deeddf3b50

  • SSDEEP

    6144:yGO9Zbg+pdyt8LlZuPpTOl2eV7pw5fq22bM0harV83KpzZWK3g2tF0:VO91g+pdytWZucV2E3harS3KpMK3g2T

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes

  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks