General

  • Target

    9372d51a56b3acdaa55196e021331b43e7fb79d83e355b6ebb421092f76dae18

  • Size

    433KB

  • Sample

    241105-pwgntasblp

  • MD5

    c310585fa058368b27bdda9d77deae41

  • SHA1

    fd67221cd39c394958316ec3d5948409c489bdf5

  • SHA256

    9372d51a56b3acdaa55196e021331b43e7fb79d83e355b6ebb421092f76dae18

  • SHA512

    a365c8ddf7ab8f542ee1297ce6d4a2c13534c21f810cca2221e6fbc092457f494e3e160b786bc47ec9436245a76bd635c908079dc1186c8bc95dcdc7315c6c3c

  • SSDEEP

    6144:FkedgevvvIm6t1uVWIad8Ko0aY2xxoNr/psbefV3uu1Hbs/rzte:2edKT/Iqow6oNr/psbet3uuts/rzE

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
