General

  • Target

    3b0b38f3bb498a21387e1c440993329614e2e1fa5e6cff28e997dcc157132415

  • Size

    432KB

  • Sample

    241105-qh8qta1lbz

  • MD5

    99a1e084c860e8bf5d797f9cad66ea63

  • SHA1

    7cc9aeec4e8ded0722eafc646880490b3b24828a

  • SHA256

    3b0b38f3bb498a21387e1c440993329614e2e1fa5e6cff28e997dcc157132415

  • SHA512

    14beb530b9a2c60ff9dc510c739a5b36fb2983b3b64c181d4a36ffa947930a0106a31a9e19f070bc73972a0c56478f5ce34eed8a1f094541ce7e8db2214bf3cc

  • SSDEEP

    6144:yGO9Zbg+pdyt8LlZuPpTOl2eV7pw5fq22bM0harV83KpzZWK3g2tF0:VO91g+pdytWZucV2E3harS3KpMK3g2T

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • Target

      3b0b38f3bb498a21387e1c440993329614e2e1fa5e6cff28e997dcc157132415

    • Size

      432KB

    • MD5

      99a1e084c860e8bf5d797f9cad66ea63

    • SHA1

      7cc9aeec4e8ded0722eafc646880490b3b24828a

    • SHA256

      3b0b38f3bb498a21387e1c440993329614e2e1fa5e6cff28e997dcc157132415

    • SHA512

      14beb530b9a2c60ff9dc510c739a5b36fb2983b3b64c181d4a36ffa947930a0106a31a9e19f070bc73972a0c56478f5ce34eed8a1f094541ce7e8db2214bf3cc

    • SSDEEP

      6144:yGO9Zbg+pdyt8LlZuPpTOl2eV7pw5fq22bM0harV83KpzZWK3g2tF0:VO91g+pdytWZucV2E3harS3KpMK3g2T

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks