General

  • Target: 79c54064d1514e6a5a4f4791667379e9263c82be61c9c48721f3348b82667c50
  • Size: 434KB
  • Sample: 241105-zvwfpa1mck
  • MD5: 71b656509ae5592776e7d50aee475636
  • SHA1: 8d543f0630cf27b1d6935e99fa609335236a122a
  • SHA256: 79c54064d1514e6a5a4f4791667379e9263c82be61c9c48721f3348b82667c50
  • SHA512: 9bc5a8404b7fb123ebe00734c4939b664702d3eff86ba42d76afec1bca614f2f27526f51896d7950cfe996b2f0302957c5e8bae63f4bbd96407503a0fff42489
  • SSDEEP: 6144:IA/r6ksws1/whwnCWCDmV344pWNE20JvHoinidCso6URDkp6:J/rroDCWeW7sE20JPoinnso6UdK

Malware Config

Extracted

  • Family: redline
  • Botnet: asia
  • C2: 45.9.20.240:46257
  • Attributes
    • auth_value: 218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
    • RedLine payload
    • Redline family

MITRE ATT&CK Enterprise v15