General

  • Target

    5a1afbf3e53a79bfc154ec7b472ef465af1aee5ca34ffc78f20879e90a416679

  • Size

    274KB

  • Sample

    241105-n9779a1gjq

  • MD5

    949d6220c978b8e2ce844b2895b64dfb

  • SHA1

    72a8bee27cbb9f1bebb58351ea1f9a50eb0ac16f

  • SHA256

    5a1afbf3e53a79bfc154ec7b472ef465af1aee5ca34ffc78f20879e90a416679

  • SHA512

    408c357cec08616b2f59b698f3bd000a833be6db9dd57a5e3ea73d49eb6262f572d58d43a7612dcbed8071be50133f5c05ae0678c0049decc49728d8313556ab

  • SSDEEP

    6144:3OzLoJazKULP9wHZZNQHnjSGWLSioSEIYR/mJekTfj4B:ezUJa3p0NQHGSwNYR+BTc

Malware Config

Extracted

  • Family

    redline

  • Botnet

    asia

  • C2

    45.9.20.240:46257

  • Attributes

    auth_value: 218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks