General

  • Target

    2c9b0c2676395df66ea2aba7fa0265e5ef241cd71bcb4fd90551758cf6bb76ab

  • Size

    441KB

  • Sample

    241106-1mfwpsyfqn

  • MD5

    86e74a6a501972ccb8440c814779cba3

  • SHA1

    78ce8c3ffcfd835a1900d80c2f82a1cd7bdf3506

  • SHA256

    2c9b0c2676395df66ea2aba7fa0265e5ef241cd71bcb4fd90551758cf6bb76ab

  • SHA512

    29fcc538ff3a5f41dd0e17729918f1364d6b8132efcb78046d3d1f485a02ebf69e4ad9a372f56ef18e25915d33dbe3217d496d8d6f765e52629b27394cdc500b

  • SSDEEP

    6144:pWRvYkImF8hmIaBp5fv0WeTkJ0+W/l2LeFV9jz67Quc:uc45hX0VTklIl2LGn60uc

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • Target

      2c9b0c2676395df66ea2aba7fa0265e5ef241cd71bcb4fd90551758cf6bb76ab

    • Size

      441KB

    • MD5

      86e74a6a501972ccb8440c814779cba3

    • SHA1

      78ce8c3ffcfd835a1900d80c2f82a1cd7bdf3506

    • SHA256

      2c9b0c2676395df66ea2aba7fa0265e5ef241cd71bcb4fd90551758cf6bb76ab

    • SHA512

      29fcc538ff3a5f41dd0e17729918f1364d6b8132efcb78046d3d1f485a02ebf69e4ad9a372f56ef18e25915d33dbe3217d496d8d6f765e52629b27394cdc500b

    • SSDEEP

      6144:pWRvYkImF8hmIaBp5fv0WeTkJ0+W/l2LeFV9jz67Quc:uc45hX0VTklIl2LGn60uc

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks