General

  • Target: 49ab864f04536fda4bc5baab3ca0095924f66756c48d7c5b906fb61e94b0c0de
  • Size: 432KB
  • Sample: 241105-p959bssdmn
  • MD5: 4d4713a8baac3f71b15cffb823966efa
  • SHA1: f49278606ec02384167698cc5d8d39b48f8f531c
  • SHA256: 49ab864f04536fda4bc5baab3ca0095924f66756c48d7c5b906fb61e94b0c0de
  • SHA512: 79b6aa2fbb0e100c3f6983aef16b90debfa81d8a978693b078001f05a90f5e10c442f698f4640c8bbcab0ad2262805c5c47152e31f70575cb8d683518f762e80
  • SSDEEP: 6144:yGO9Zbg+pdyt8LlZuPpTOl2eV7pw5fq22bM0harV83KpzZWK3g2tF0:VO91g+pdytWZucV2E3harS3KpMK3g2T

Malware Config

Extracted

  • Family: redline
  • Botnet: asia
  • C2: 45.9.20.240:46257
  • Attributes
    • auth_value: 218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
    • RedLine payload
    • Redline family

MITRE ATT&CK Enterprise v15