General

  • Target: 444f2c1f654fb6730a57bf275d4d9f2945bb0d4f04b75b26c4e4003882b1900e
  • Size: 434KB
  • Sample: 241106-kh91zswlgz
  • MD5: f37e818afa200cd8d8d07bca84ea0cb1
  • SHA1: 8c3f0757c36fd62d077e60999fbe57b2ea194226
  • SHA256: 444f2c1f654fb6730a57bf275d4d9f2945bb0d4f04b75b26c4e4003882b1900e
  • SHA512: c202126c17e3c4164510eb5eb642666f6d9480a7331aed9e63d1c73ffee47f1d8deb714931088aaf770e6d61b5a004787f13c7b8a27e8702e21896d6c324e9bc
  • SSDEEP: 6144:MJTpi7bxjww3MK4zPcMZ4fPHsjcm8wldunH7qorYiQI/Q+VK1I:+ihF3QPXZ8sjfBlduneorYU/Q+V

Malware Config

Extracted

  • Family: redline
  • Botnet: asia
  • C2: 45.9.20.240:46257
  • Attributes
      • auth_value: 218353fc70f3440d970e02bf6e2edeb1

Targets

  • RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  • RedLine payload
  • Redline family

MITRE ATT&CK Enterprise v15

Tasks