General

  • Target

    d1d95b3ee72fa5c17cfc360f0a27c50385a89e3933855ed694eef05fffc2381f

  • Size

    446KB

  • Sample

    241105-z4r5ma1nfp

  • MD5

    04c35162cafeb455d9294f8a793c1d5a

  • SHA1

    6e7f606b379ff92bb246f7ddf94e7d1b503a7789

  • SHA256

    d1d95b3ee72fa5c17cfc360f0a27c50385a89e3933855ed694eef05fffc2381f

  • SHA512

    89c6196c2de5391b8c4ddbdb352d2b90b8be8fca20a8af146b01ca44e6f96ba40c4c57cf12fc60d407339403f898ae351e35061aa99bd55489af691b32527b9e

  • SSDEEP

    12288:xSgreJ4MJ8i7EB37Wk4pi5W0mPpg9VfI:xMJ4MJXwN77C0mPpa

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • Target

      d1d95b3ee72fa5c17cfc360f0a27c50385a89e3933855ed694eef05fffc2381f

    • Size

      446KB

    • MD5

      04c35162cafeb455d9294f8a793c1d5a

    • SHA1

      6e7f606b379ff92bb246f7ddf94e7d1b503a7789

    • SHA256

      d1d95b3ee72fa5c17cfc360f0a27c50385a89e3933855ed694eef05fffc2381f

    • SHA512

      89c6196c2de5391b8c4ddbdb352d2b90b8be8fca20a8af146b01ca44e6f96ba40c4c57cf12fc60d407339403f898ae351e35061aa99bd55489af691b32527b9e

    • SSDEEP

      12288:xSgreJ4MJ8i7EB37Wk4pi5W0mPpg9VfI:xMJ4MJXwN77C0mPpa

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks