General

  • Target

    9accb1d8b1e7c7911dad24f59ef496f5c9da87a05de5bccf92e928320548022f

  • Size

    432KB

  • Sample

    241105-n12zwasrdp

  • MD5

    a0c43a11f9c6111547eb82728c27ae8c

  • SHA1

    4de457ad1c995112701ed4cfe8b69b290f0b73ef

  • SHA256

    9accb1d8b1e7c7911dad24f59ef496f5c9da87a05de5bccf92e928320548022f

  • SHA512

    3d8fe37979d09e06c646bc85b23ff051801418408d3a018337a9d560ee5bba4132108c53f02bc1aee76b0dd4da124299dd92697207f895973c321413af52ad38

  • SSDEEP

    6144:JegQHXT3Kt595Gwa3jL/fhaCkIfyOR0iNHxzjK3mdDqkGs/QAB:J6Dat56webfhaCkIfldHxzm3mdVGs/Q

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • Target

      9accb1d8b1e7c7911dad24f59ef496f5c9da87a05de5bccf92e928320548022f

    • Size

      432KB

    • MD5

      a0c43a11f9c6111547eb82728c27ae8c

    • SHA1

      4de457ad1c995112701ed4cfe8b69b290f0b73ef

    • SHA256

      9accb1d8b1e7c7911dad24f59ef496f5c9da87a05de5bccf92e928320548022f

    • SHA512

      3d8fe37979d09e06c646bc85b23ff051801418408d3a018337a9d560ee5bba4132108c53f02bc1aee76b0dd4da124299dd92697207f895973c321413af52ad38

    • SSDEEP

      6144:JegQHXT3Kt595Gwa3jL/fhaCkIfyOR0iNHxzjK3mdDqkGs/QAB:J6Dat56webfhaCkIfldHxzm3mdVGs/Q

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks