General

  • Target

    cce42b6c5e1e6da72429999cfc558b38c785d25f2b7eb56fd868093d6b2b8da1

  • Size

    434KB

  • Sample

    241105-nzvjeasrcn

  • MD5

    1a4d0fd90c41209af4cfb93312a16df5

  • SHA1

    47c0591f1862af017b52cec8f82f596f4360e251

  • SHA256

    cce42b6c5e1e6da72429999cfc558b38c785d25f2b7eb56fd868093d6b2b8da1

  • SHA512

    e3501b41f514e737af8f16381ff04ed545d11777bf94c83101e01104f13a2b9614d6af7ac7e9edfb88c39c05719997cf463facdc551826968c282dc4e7663a75

  • SSDEEP

    6144:Hr0QYxhADcxG776qrJvzPkAoaTCoWYCYe7oBAimyA0L2Zv:L0Q4hIcM7+0v7kN0CjYCYcoBAsA0L2p

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
