General

  • Target

    3b19c7676c4cb82c7702aceaff71d0e13b0c746e0c67aa746076b71fa7a5b7cc

  • Size

    434KB

  • Sample

    241105-yemceawphx

  • MD5

    2240f60d35404212e4487012d5108d6b

  • SHA1

    bb355148bd9abb2ccf893f8b37c9a59ee1633362

  • SHA256

    3b19c7676c4cb82c7702aceaff71d0e13b0c746e0c67aa746076b71fa7a5b7cc

  • SHA512

    8e41c8bf3e807a331ddc9c0cac57181e17fc72a08c1ba0359afbf816184973a743dcbb0374e4156417d9171d808b1d1768f1aad286cc9e2c2558ed004b09c771

  • SSDEEP

    6144:jT+p2+wmSFThVQdmWGwMLqlhC5wvsu6GZcfo0Hz21OOuq0tc+o:Pw6FHimWrJhC5Osu6G6fo0HzLOuq0tj

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes

  • auth_value

    218353fc70f3440d970e02bf6e2edeb1
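
The extracted config above (family, botnet tag, C2 endpoint, auth_value) is what an analyst actually consumes from this report, so a parser that turns the plain-text listing into machine-readable IOCs and sanity-checks the hashes is a useful companion to it. The block below is an added example and is not part of the original report or of any sandbox vendor's tooling. The embedded REPORT text is copied from the page; the layout rules it relies on (an unindented section heading, then key/value pairs as consecutive non-empty lines, bullets marked with "•") and the Suricata rule it emits, including the placeholder sid 1000001, are assumptions.

```python
"""Parse a plain-text sandbox report excerpt into IOCs and validate it.

Added example, not code from the original report. Assumed layout: section
headings are the fixed names in SECTION_HEADINGS; inside a section, each
non-empty line is a key and the next non-empty line is its value.
"""
import re
from typing import Dict, Optional, Tuple

# Copied from the report above (trimmed to the fields used here).
REPORT = """General

  • Target

    3b19c7676c4cb82c7702aceaff71d0e13b0c746e0c67aa746076b71fa7a5b7cc

  • Size

    434KB

  • MD5

    2240f60d35404212e4487012d5108d6b

  • SHA1

    bb355148bd9abb2ccf893f8b37c9a59ee1633362

  • SHA256

    3b19c7676c4cb82c7702aceaff71d0e13b0c746e0c67aa746076b71fa7a5b7cc

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes

  • auth_value

    218353fc70f3440d970e02bf6e2edeb1
"""

SECTION_HEADINGS = {"General", "Malware Config", "Extracted", "Attributes", "Targets"}
HASH_LENGTHS = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}


def parse_report(text: str) -> Dict[str, Dict[str, str]]:
    """Return {section: {key: value}} by pairing consecutive non-empty lines."""
    sections: Dict[str, Dict[str, str]] = {}
    current: Optional[str] = None
    pending_key: Optional[str] = None
    for raw in text.splitlines():
        line = raw.strip().lstrip("•").strip()  # drop indentation and bullet
        if not line:
            continue
        if line in SECTION_HEADINGS:
            if pending_key is not None:
                raise ValueError(f"key {pending_key!r} has no value before {line!r}")
            current = line
            sections.setdefault(current, {})
            continue
        if current is None:
            raise ValueError(f"value outside any section: {line!r}")
        if pending_key is None:
            pending_key = line
        else:
            sections[current][pending_key] = line
            pending_key = None
    if pending_key is not None:
        raise ValueError(f"dangling key {pending_key!r} at end of report")
    return sections


def check_hashes(general: Dict[str, str]) -> None:
    """Every hash must be lowercase hex of the right length; Target must be the SHA256."""
    for name, length in HASH_LENGTHS.items():
        value = general.get(name)
        if value is not None and not re.fullmatch(rf"[0-9a-f]{{{length}}}", value):
            raise ValueError(f"{name} is not {length} hex chars: {value!r}")
    if general.get("Target") != general.get("SHA256"):
        raise ValueError("Target does not match SHA256")


def parse_c2(value: str) -> Tuple[str, int]:
    """Split 'host:port' and reject a missing or out-of-range port."""
    host, sep, port = value.rpartition(":")
    if not sep or not host or not port.isdigit() or not 0 < int(port) < 65536:
        raise ValueError(f"malformed C2 endpoint: {value!r}")
    return host, int(port)


def extract_iocs(text: str) -> Dict[str, object]:
    """Validate the report and return the IOCs an analyst would feed downstream."""
    sections = parse_report(text)
    check_hashes(sections["General"])
    cfg = sections["Extracted"]
    host, port = parse_c2(cfg["C2"])
    # Suricata rule format is an assumption; sid 1000001 is a local placeholder.
    rule = (f'alert tcp $HOME_NET any -> {host} {port} '
            f'(msg:"{cfg["Family"]} C2 (botnet {cfg["Botnet"]})"; '
            f'flow:to_server,established; sid:1000001; rev:1;)')
    return {
        "family": cfg["Family"], "botnet": cfg["Botnet"], "c2": (host, port),
        "auth_value": sections["Attributes"]["auth_value"],
        "sha256": sections["General"]["SHA256"], "suricata_rule": rule,
    }


if __name__ == "__main__":
    for key, value in extract_iocs(REPORT).items():
        print(f"{key}: {value}")
```

The pairwise key/value rule is deliberately strict: a heading arriving while a key is still waiting for its value, or a key left dangling at the end, raises instead of silently shifting every later field by one, which is the failure mode that turns a copy-pasted report into wrong IOCs.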

Targets

    • Target

      3b19c7676c4cb82c7702aceaff71d0e13b0c746e0c67aa746076b71fa7a5b7cc

    • Size

      434KB

    • MD5

      2240f60d35404212e4487012d5108d6b

    • SHA1

      bb355148bd9abb2ccf893f8b37c9a59ee1633362

    • SHA256

      3b19c7676c4cb82c7702aceaff71d0e13b0c746e0c67aa746076b71fa7a5b7cc

    • SHA512

      8e41c8bf3e807a331ddc9c0cac57181e17fc72a08c1ba0359afbf816184973a743dcbb0374e4156417d9171d808b1d1768f1aad286cc9e2c2558ed004b09c771

    • SSDEEP

      6144:jT+p2+wmSFThVQdmWGwMLqlhC5wvsu6GZcfo0Hz21OOuq0tc+o:Pw6FHimWrJhC5Osu6G6fo0HzLOuq0tj

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks