General

  • Target

    8fdcbce11120c61e8b0d0c3ee652f3bbf9c7a1c2d0d7456aff326620d11a8235

  • Size

    433KB

  • Sample

    241105-mq3mzsskfj

  • MD5

    b32c008b6213c2cbda3340eaaab711da

  • SHA1

    801e921bba00c97c5c5be622529a7261f42d732f

  • SHA256

    8fdcbce11120c61e8b0d0c3ee652f3bbf9c7a1c2d0d7456aff326620d11a8235

  • SHA512

    65c7e2b279a494f79738be48155232b3df63923400274a20cbd02394b151352a0a02e7fc86d4dbceea3552e565ccb67e49dc02140b0bff770fface93ad2a9d1d

  • SSDEEP

    6144:AdToZq3KGUE6ySWgZk589XDR8JuLLH2PRpm7oio4AylG8Tqpx:KTn4E6y+k58dGQX2PRpm7/o4AD8Tq/

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
