General

  • Target

    14bcdda77523df455ddadb1dcbdb55cb58b5a8764b95540125129d5e1877f070

  • Size

    446KB

  • Sample

    241106-kqh78szjbn

  • MD5

    e7a2b43770850ef7718b2d255b7da86e

  • SHA1

    e1d83a7505b55b994da1895d7397dec0dde07da6

  • SHA256

    14bcdda77523df455ddadb1dcbdb55cb58b5a8764b95540125129d5e1877f070

  • SHA512

    725a0c5f0e29c15bcf73dc394f2f472efb3afd47255eab230b75641890672643a86857c1e89abd684205056ee2e8c68b2b2dafbf582f66730424405986aae735

  • SSDEEP

    12288:xSgreJ4MJ8i7EB37Wk4pi5W0mPpg9VfI:xMJ4MJXwN77C0mPpa

Malware Config

Extracted

  • Family

    redline

  • Botnet

    asia

  • C2

    45.9.20.240:46257

  • Attributes

    auth_value: 218353fc70f3440d970e02bf6e2edeb1

Targets

    • Target

      14bcdda77523df455ddadb1dcbdb55cb58b5a8764b95540125129d5e1877f070

    • Size

      446KB

    • MD5

      e7a2b43770850ef7718b2d255b7da86e

    • SHA1

      e1d83a7505b55b994da1895d7397dec0dde07da6

    • SHA256

      14bcdda77523df455ddadb1dcbdb55cb58b5a8764b95540125129d5e1877f070

    • SHA512

      725a0c5f0e29c15bcf73dc394f2f472efb3afd47255eab230b75641890672643a86857c1e89abd684205056ee2e8c68b2b2dafbf582f66730424405986aae735

    • SSDEEP

      12288:xSgreJ4MJ8i7EB37Wk4pi5W0mPpg9VfI:xMJ4MJXwN77C0mPpa

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks