General

  • Target

    b11f95dfceaa3b719d21ab7cbe3689e023d99b8d7254524c872ad437e7ebecc2

  • Size

    446KB

  • Sample

    241106-t55t8awmbp

  • MD5

    3a0158dde3d0ce6d1989d9b58ed5c0ed

  • SHA1

    8696a16454305187777ea46d91394571f93028c0

  • SHA256

    b11f95dfceaa3b719d21ab7cbe3689e023d99b8d7254524c872ad437e7ebecc2

  • SHA512

    86aeddd9fe4500080c8e30cdb42079b00f61bd717d1bb02c0fb24e2be22bd61837f7aa359aa629b216414aa946be97f51f6fc351c5ba87cbbd525fd07ed17487

  • SSDEEP

    6144:+joYSL1G2fCi9q2IxEjfR9uTCCZC9+IpUrfi7+Pe7cTT6Hin6v9R:FbGCIEjfRulC9+IerfaYe7LW6v

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • Target

      b11f95dfceaa3b719d21ab7cbe3689e023d99b8d7254524c872ad437e7ebecc2

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
