General

  • Target

    9eadf150b6b8e554715277a026a613fa81bda142866a3ede7fbf741eb793cfd8

  • Size

    441KB

  • Sample

    241105-zpyzmaygqq

  • MD5

    294aa09afa69a84182c99237e5fa7987

  • SHA1

    b82cd7513d7621207130359458549deeeccb20a2

  • SHA256

    9eadf150b6b8e554715277a026a613fa81bda142866a3ede7fbf741eb793cfd8

  • SHA512

    5028b71196bb85f4583c0f804b9722c3b325262be6bdefee50bfddb43bfb828a8569b33f13c1b8b1c65b6253b846f561b3da115f456367221c43067a2185a204

  • SSDEEP

    6144:pWRvYkImF8hmIaBp5fv0WeTkJ0+W/l2LeFV9jz67Quc:uc45hX0VTklIl2LGn60uc

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes

  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • Target

      9eadf150b6b8e554715277a026a613fa81bda142866a3ede7fbf741eb793cfd8

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15
