General

  • Target: d79f833a2a9941a3fd1418419db20050de48c376db9b9f0a4af7ef1e72f98b76
  • Size: 432KB
  • Sample: 241105-p9xbes1fmf
  • MD5: 5a3b91a98837ac58fd567434f3b62869
  • SHA1: 9aaceb22a601178a2772074a17550ac9b0f0c8b3
  • SHA256: d79f833a2a9941a3fd1418419db20050de48c376db9b9f0a4af7ef1e72f98b76
  • SHA512: ae3d7e22b6393c805984c3cac2588b99561b909c990aa23dc57e848bc13dfde5de657076905dcf2f711a1a3ba84220ef4a6c9aab554ff18ad1dcb10edf76591d
  • SSDEEP: 6144:yGO9Zbg+pdyt8LlZuPpTOl2eV7pw5fq22bM0harV83KpzZWK3g2tF0:VO91g+pdytWZucV2E3harS3KpMK3g2T

Malware Config

Extracted

  • Family: redline
  • Botnet: asia
  • C2: 45.9.20.240:46257
  • Attributes
    • auth_value: 218353fc70f3440d970e02bf6e2edeb1

Targets

    • Target: d79f833a2a9941a3fd1418419db20050de48c376db9b9f0a4af7ef1e72f98b76


    • RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
    • RedLine payload
    • Redline family

MITRE ATT&CK Enterprise v15

Tasks