General

  • Target

    ac75572f97dd648c8952e95a7d83a9f93dffafd1b97ed291c7c84e5e835b4406

  • Size

    434KB

  • Sample

    241105-n83w5s1frk

  • MD5

    ac400c496a651644f2eacbdb90d42719

  • SHA1

    853ebec5751c543dd699fee3a95b8d0aab791b0c

  • SHA256

    ac75572f97dd648c8952e95a7d83a9f93dffafd1b97ed291c7c84e5e835b4406

  • SHA512

    9f53fe530b25dfbb1949e6399ca1c2636125dc70382bffb4e9eacdab3645348cf9391e98ff760b78192941f39e0c5c9be80428021e3bb54ead5317b27d508aed

  • SSDEEP

    6144:IA/r6ksws1/whwnCWCDmV344pWNE20JvHoinidCso6URDkp6:J/rroDCWeW7sE20JPoinnso6UdK

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
