General

  • Target

    05811dfe63e685b0ac56723cb744a05e438d60e75962ba90bb6d711e4b5b43c9

  • Size

    434KB

  • Sample

    241105-nd143a1ckk

  • MD5

    968136051b7962c504767551c25c7842

  • SHA1

    4179e2c34a5fba56fbffc10e60d856e5dbcfe957

  • SHA256

    05811dfe63e685b0ac56723cb744a05e438d60e75962ba90bb6d711e4b5b43c9

  • SHA512

    d47bb4e7b6799a8f1e54b4a5bff2236ed1d1aa3050e52957924a31d14bf4890734bb7e22ba7c43a0d5f9faa7e58aa155ab3ce92bbaca81921e2c607c2f89dc71

  • SSDEEP

    6144:Hr0QYxhADcxG776qrJvzPkAoaTCoWYCYe7oBAimyA0L2Zv:L0Q4hIcM7+0v7kN0CjYCYcoBAsA0L2p

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • Target

      05811dfe63e685b0ac56723cb744a05e438d60e75962ba90bb6d711e4b5b43c9


    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
