General

  • Target

    c001156889cf65473091c7297615f6b306da4907da6f45ff56ece1dfcd346fba

  • Size

    434KB

  • Sample

    241105-na42js1bpp

  • MD5

    845b9080e96a0e5c8fb61b91512fffe8

  • SHA1

    1bc1d591dfd50ab658ca6ee1e2b15ae00e32ae76

  • SHA256

    c001156889cf65473091c7297615f6b306da4907da6f45ff56ece1dfcd346fba

  • SHA512

    6ea08e97cd1afbf1c401069034ae0866f43461ed1488a05606c91c407def055378a9fdbe711b350c4e71f60135ae96341f28cd85e27f41a3d1f65bbe840460e2

  • SSDEEP

    6144:Hr0QYxhADcxG776qrJvzPkAoaTCoWYCYe7oBAimyA0L2Zv:L0Q4hIcM7+0v7kN0CjYCYcoBAsA0L2p

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • Target

      c001156889cf65473091c7297615f6b306da4907da6f45ff56ece1dfcd346fba

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks