General

  • Target

    790b8543a341df7ce9a7d39270dd4f6d42b90353387f51249f142e113dc6cd8e

  • Size

    434KB

  • Sample

    241106-k6fgaazlhm

  • MD5

    ba323f69547a9a9a2153eb0653c37973

  • SHA1

    85d36db888d3dd65274633bfb928690b5e99ea96

  • SHA256

    790b8543a341df7ce9a7d39270dd4f6d42b90353387f51249f142e113dc6cd8e

  • SHA512

    387d66a0d96f5a19e004e2b1e14db2e9afc534466e3e18049248655eff6a1c0cc7d0b4303e7cc3e5d825e7cd9f435da515ff07c0796139164c1b3fa6269fbf87

  • SSDEEP

    6144:Hr0QYxhADcxG776qrJvzPkAoaTCoWYCYe7oBAimyA0L2Zv:L0Q4hIcM7+0v7kN0CjYCYcoBAsA0L2p

Malware Config

Extracted

  • Family

    redline

  • Botnet

    asia

  • C2

    45.9.20.240:46257

  • Attributes

    auth_value: 218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15