General

  • Target

    76f944b8b44c1d148bf17b7368b00fc1dc013ea26b327233d8aadd67ad14209a

  • Size

    433KB

  • Sample

    241105-z1qgma1nbr

  • MD5

    a4f9dde7c0202790465be83591ab97f6

  • SHA1

    bb7cf8e9436e4a97d6ef64f64271f1015f0bc192

  • SHA256

    76f944b8b44c1d148bf17b7368b00fc1dc013ea26b327233d8aadd67ad14209a

  • SHA512

    e8b7049bdf7e58b306d59d7bc0788bc25d6a77fb7e6c3ed85c9d65e8ed7ea5acbfb5b86bbc95a0e749f05f76201b35d889cb2c9d08efed3fc88a5352ca5bbdae

  • SSDEEP

    12288:A23qDw0q1u4suLA7OTxt05stpu9fobrhJuGHlA:ACqcpZJLA762evuihb

Malware Config

Extracted

  • Family

    redline

  • Botnet

    asia

  • C2

    45.9.20.240:46257

  • Attributes

    auth_value: 218353fc70f3440d970e02bf6e2edeb1
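The extracted config above is the actionable part of this report: the C2 socket identifies the infrastructure, the botnet name and auth_value identify the build, and the file digests identify the sample. The script below is an added example, not part of the sandbox report or of any vendor tooling. It turns those values into two checks a responder would actually run: whether a file on disk is the reported sample (all listed digests must match, not just MD5) and whether flow or proxy logs show contact with the reported C2, distinguishing an exact ip:port hit from the weaker case of the same IP on another port. The flow-log line format and the sample lines are constructed for the demo; the Suricata rule it emits uses only standard rule keywords.

```python
"""IOC matching for the RedLine sample described in this report.

Added example (not the report's own code). The REPORT values are copied
from the extracted config and digests above; the flow-log format and the
SAMPLE_FLOWS lines are constructed for demonstration.
"""
import hashlib
import re

# Values copied from the report above.
REPORT = {
    "family": "redline",
    "botnet": "asia",
    "c2": ("45.9.20.240", 46257),
    "auth_value": "218353fc70f3440d970e02bf6e2edeb1",
    "hashes": {
        "md5": "a4f9dde7c0202790465be83591ab97f6",
        "sha1": "bb7cf8e9436e4a97d6ef64f64271f1015f0bc192",
        "sha256": "76f944b8b44c1d148bf17b7368b00fc1dc013ea26b327233d8aadd67ad14209a",
        "sha512": "e8b7049bdf7e58b306d59d7bc0788bc25d6a77fb7e6c3ed85c9d65e8ed7ea5ac"
                  "bfb5b86bbc95a0e749f05f76201b35d889cb2c9d08efed3fc88a5352ca5bbdae",
    },
}


def hashes_of(data: bytes) -> dict:
    """Compute the same digests the report lists, as lowercase hex."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha512": hashlib.sha512(data).hexdigest(),
    }


def is_reported_sample(data: bytes) -> bool:
    """True only if every listed digest matches; an MD5 match alone is not trusted."""
    got = hashes_of(data)
    return all(got[k] == v for k, v in REPORT["hashes"].items())


# Assumed flow-log format: "<timestamp> <src>:<sport> -> <dst>:<dport> <proto>"
_FLOW_RE = re.compile(
    r"(?P<src>\d+\.\d+\.\d+\.\d+):(?P<sport>\d+)\s*->\s*"
    r"(?P<dst>\d+\.\d+\.\d+\.\d+):(?P<dport>\d+)"
)


def find_c2_hits(lines):
    """Return (strong, weak): strong = exact C2 ip:port, weak = C2 IP on another port.

    The weak list matters because RedLine panels are often rehosted on the
    same address with a different port; those lines deserve a look, not an alert.
    """
    ip, port = REPORT["c2"]
    strong, weak = [], []
    for line in lines:
        m = _FLOW_RE.search(line)
        if not m or m.group("dst") != ip:
            continue
        (strong if int(m.group("dport")) == port else weak).append(line)
    return strong, weak


def suricata_rule(sid: int = 1000001) -> str:
    """Emit a Suricata rule for outbound connections to the reported C2 socket."""
    ip, port = REPORT["c2"]
    return (
        f"alert tcp $HOME_NET any -> {ip} {port} "
        f'(msg:"RedLine Stealer C2 ({REPORT["botnet"]} botnet) connection"; '
        f"flow:to_server,established; classtype:trojan-activity; sid:{sid}; rev:1;)"
    )


# Constructed flow records: one benign connection, one C2 check-in, one same-IP/other-port.
SAMPLE_FLOWS = [
    "2024-11-05T12:00:01Z 10.0.0.15:49812 -> 142.250.74.46:443 tcp",
    "2024-11-05T12:00:07Z 10.0.0.15:49820 -> 45.9.20.240:46257 tcp",
    "2024-11-05T12:01:09Z 10.0.0.22:51210 -> 45.9.20.240:80 tcp",
]

if __name__ == "__main__":
    print("sample match on dummy bytes:", is_reported_sample(b"not the sample"))
    strong, weak = find_c2_hits(SAMPLE_FLOWS)
    print("C2 hits:", strong)
    print("same IP, other port:", weak)
    print(suricata_rule())
```

Run it against a real flow export by feeding the lines to find_c2_hits; if your exporter uses a different layout, adjust _FLOW_RE and nothing else. Note that a hash match on a file is exact but brittle (any repack changes every digest), whereas the C2 socket is the indicator most likely to recur across repacked builds of the same botnet.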

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
