General

  • Target

    69a67974c8ad8d3768eedf8dd05d4a28bef8c7056a40cad69b9a7ccc8734aae3

  • Size

    293KB

  • Sample

    241105-p7kjva1fjh

  • MD5

    8734600c3716a345d9b9c8dd8a27d992

  • SHA1

    b79461154a1c9d143b10ce8cb1a0060cd8ddce7d

  • SHA256

    69a67974c8ad8d3768eedf8dd05d4a28bef8c7056a40cad69b9a7ccc8734aae3

  • SHA512

    4f82e6ff0bbdf1a89c48a612a0f4a06fdc3bda55ba533e3b197ac03e8d07fb7e501ad3f3b7a4712dcf0e4821194cc7043c8e6a8ae8612129b9770758de4624d0

  • SSDEEP

    6144:CLaS0U0uK3XyxqmFnNfEkUM8M+ShuSz6abPuzbgwuvjB:CuS0Uqn+FGk/8Mfh5OWunn0

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.168:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • Target

      69a67974c8ad8d3768eedf8dd05d4a28bef8c7056a40cad69b9a7ccc8734aae3

    • Size

      293KB

    • MD5

      8734600c3716a345d9b9c8dd8a27d992

    • SHA1

      b79461154a1c9d143b10ce8cb1a0060cd8ddce7d

    • SHA256

      69a67974c8ad8d3768eedf8dd05d4a28bef8c7056a40cad69b9a7ccc8734aae3

    • SHA512

      4f82e6ff0bbdf1a89c48a612a0f4a06fdc3bda55ba533e3b197ac03e8d07fb7e501ad3f3b7a4712dcf0e4821194cc7043c8e6a8ae8612129b9770758de4624d0

    • SSDEEP

      6144:CLaS0U0uK3XyxqmFnNfEkUM8M+ShuSz6abPuzbgwuvjB:CuS0Uqn+FGk/8Mfh5OWunn0

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks