General

  • Target

    e86afdc2ccc9222e71ce8b3ac58bf3e3c622777773f724a15c6c151244d0d2c6

  • Size

    446KB

  • Sample

    241106-kaj5layphk

  • MD5

    8f6e9f310121ae47b114a184553cb21f

  • SHA1

    9d98ac15865818d3143d7b41f41037343609565e

  • SHA256

    e86afdc2ccc9222e71ce8b3ac58bf3e3c622777773f724a15c6c151244d0d2c6

  • SHA512

    0d887df76946f293fe523b7a6bbfdbe3b1641e9d617373c3e5b153e5aec552dd4182fbbdbe9b757b8a93ea485f419c233d5d870c0bec5a357f128ff4d694ca51

  • SSDEEP

    6144:+joYSL1G2fCi9q2IxEjfR9uTCCZC9+IpUrfi7+Pe7cTT6Hin6v9R:FbGCIEjfRulC9+IerfaYe7LW6v

Malware Config

Extracted

  • Family

    redline

  • Botnet

    asia

  • C2

    45.9.20.240:46257

  • Attributes

      • auth_value

        218353fc70f3440d970e02bf6e2edeb1

Targets

    • Target

      e86afdc2ccc9222e71ce8b3ac58bf3e3c622777773f724a15c6c151244d0d2c6

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
