General

  • Target

    c467e63924abaccdc3b3c6cf6c3d015ecacc66cecb53ac5b9d97bdda896a93eb

  • Size

    274KB

  • Sample

    241106-1argnsyapg

  • MD5

    1d7dc6e6518037d7aa45f98270c296d4

  • SHA1

    be99763ca34809de3e83967bb2b46c6040a0eb46

  • SHA256

    c467e63924abaccdc3b3c6cf6c3d015ecacc66cecb53ac5b9d97bdda896a93eb

  • SHA512

    963314f3aa404179ae2d8404d03cfac82233c3bc6177aae6938ae6e175278b88f7d7a3030e607f7bd7b11a2c41d988ed78f9d64259fb07fdbd585d875ae9e999

  • SSDEEP

    6144:3OzLoJazKULP9wHZZNQHnjSGWLSioSEIYR/mJekTfj4B:ezUJa3p0NQHGSwNYR+BTc

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
