General

  • Target

    c3e19b8a6614b417a414b30c7673a7e52aa36ac22ed1abb4a5245ce2e5f28c39

  • Size

    394KB

  • Sample

    241105-nzfegssrcj

  • MD5

    ce5d662f1aa5f68f613249c9508e0e9a

  • SHA1

    dd1925c4a8661fb82589e23988bea09c0ffaed8c

  • SHA256

    c3e19b8a6614b417a414b30c7673a7e52aa36ac22ed1abb4a5245ce2e5f28c39

  • SHA512

    1f473faddaa6056ac7e2f3b3c9f2380c827b7af5028861e3c494b8528204221fe46006c414f0d140fc061b10227b3ef367a85d76336b312a4f69e508db708603

  • SSDEEP

    6144:lPi6qmtILCIkpkM6TocNPoK6PoeZWubwJzOPajIJ+ZMabu0xJMan11zA:l6UWLHkp5In8wJkajQ+eVIJMaQ

Malware Config

Extracted

  • Family

    redline

  • Botnet

    asia

  • C2

    45.9.20.240:46257

  • Attributes

    auth_value: 218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
