General

  • Target

    4108a53101478ae1f5e7efdc0c1ead82a471a8534b483bd40f1ab6e87387f4fd

  • Size

    433KB

  • Sample

    241105-pwlyjazrcv

  • MD5

    286fc5a8461dcbf426b5d54ec9865471

  • SHA1

    4d272d29b86afee31229a45b3b03cb4c9716d8f0

  • SHA256

    4108a53101478ae1f5e7efdc0c1ead82a471a8534b483bd40f1ab6e87387f4fd

  • SHA512

    c26d2203f968ba7d7113a4bd87235f323ae55a772d941376a6f2e97482a1f427f8a252684d0d8458ef15372b621a3b54d462d64c677aa02a0a816aee7b118b53

  • SSDEEP

    6144:AdToZq3KGUE6ySWgZk589XDR8JuLLH2PRpm7oio4AylG8Tqpx:KTn4E6y+k58dGQX2PRpm7/o4AD8Tq/

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks