General

  • Target

    cf5d5032f819342982521a122f9e5f5a37274f614aa791ccdbb6e50ab84b1d3a

  • Size

    446KB

  • Sample

    241106-tpt3sawkan

  • MD5

    898745b2ac1bed4f5590a3f68b868958

  • SHA1

    636be00c65940a257251c017c4ecb444115083bf

  • SHA256

    cf5d5032f819342982521a122f9e5f5a37274f614aa791ccdbb6e50ab84b1d3a

  • SHA512

    11fc76ddf878c6b4e9c50e033dd905f0be04a816d919c293a7839ae295bc3e26fbe34fc16a0b08e76438a68d0621e7ba53a02602f1d1683758d0646b771987a6

  • SSDEEP

    6144:+YyWzDI3pZCdgaf62qT2Ew+34Ua66+u4jPBq2pjSKcGd56:Sv3p4KaEX34UJ6+uw5q2pjxd5

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1
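
The extracted configuration above (family, botnet ID, C2 endpoint and the auth_value the client presents to that endpoint) is the part of this report a responder actually reuses. The following is an added example, not code from the report or the sandbox, showing one way to turn it into checks: verify a file on disk against all three report hashes rather than a single one, parse the `C2` field strictly, and sweep Zeek-style `conn.log` lines for traffic to the C2, distinguishing an exact ip:port hit from an ip-only hit (RedLine operators do move ports on the same host). The conn.log lines and the Suricata `sid` are constructed placeholders.

```python
import hashlib
import ipaddress
from dataclasses import dataclass

# Indicators copied verbatim from the report above; nothing here is new data.
REPORT_IOCS = {
    "md5": "898745b2ac1bed4f5590a3f68b868958",
    "sha1": "636be00c65940a257251c017c4ecb444115083bf",
    "sha256": "cf5d5032f819342982521a122f9e5f5a37274f614aa791ccdbb6e50ab84b1d3a",
    "c2": "45.9.20.240:46257",
    "botnet": "asia",
    "auth_value": "218353fc70f3440d970e02bf6e2edeb1",
}


@dataclass(frozen=True)
class C2:
    ip: str
    port: int


def parse_c2(value: str) -> C2:
    """Parse the report's 'ip:port' string; reject anything that is not a literal IP and port."""
    host, sep, port = value.rpartition(":")
    if not sep:
        raise ValueError(f"no port in {value!r}")
    ipaddress.ip_address(host)  # raises ValueError on hostnames or junk
    p = int(port)
    if not 0 < p < 65536:
        raise ValueError(f"bad port {port!r}")
    return C2(host, p)


def file_hashes(data: bytes) -> dict:
    """MD5/SHA1/SHA256 of a byte string, keyed to match REPORT_IOCS."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def matches_report(data: bytes, iocs: dict = REPORT_IOCS) -> bool:
    """True only when all three hashes agree; a lone MD5 match is not evidence."""
    h = file_hashes(data)
    return all(h[k] == iocs[k] for k in ("md5", "sha1", "sha256"))


# Constructed Zeek conn.log excerpt (tab separated), not traffic from the page.
# Columns: ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto
SAMPLE_CONN_LOG = "\n".join([
    "#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto",
    "1730880001.1\tCxA1\t10.0.0.15\t51234\t45.9.20.240\t46257\ttcp",
    "1730880002.4\tCxA2\t10.0.0.15\t51235\t142.250.74.46\t443\ttcp",
    "1730880003.9\tCxA3\t10.0.0.22\t49152\t45.9.20.240\t80\ttcp",
])


def find_c2_connections(conn_log: str, c2: C2) -> list:
    """Return (ts, source_ip, confidence) for every flow to the C2 host.

    'exact' means ip and port both matched; 'ip-only' means the host matched on
    another port and deserves a look rather than an automatic alert.
    """
    hits = []
    for line in conn_log.splitlines():
        if not line or line.startswith("#"):
            continue
        f = line.split("\t")
        if len(f) < 7:
            continue  # truncated line; skip rather than guess
        if f[4] != c2.ip:
            continue
        confidence = "exact" if int(f[5]) == c2.port else "ip-only"
        hits.append((f[0], f[2], confidence))
    return hits


def suricata_rule(c2: C2, botnet: str, sid: int = 9000001) -> str:
    """Emit a minimal Suricata rule for the exact ip:port; sid is a placeholder."""
    return (
        f'alert tcp $HOME_NET any -> {c2.ip} {c2.port} '
        f'(msg:"RedLine C2 botnet {botnet}"; flow:to_server; sid:{sid}; rev:1;)'
    )


if __name__ == "__main__":
    c2 = parse_c2(REPORT_IOCS["c2"])
    for ts, src, conf in find_c2_connections(SAMPLE_CONN_LOG, c2):
        print(f"{ts} {src} -> {c2.ip}:{c2.port} [{conf}]")
    print(suricata_rule(c2, REPORT_IOCS["botnet"]))
```

Run it against a real `conn.log` by reading the file into `find_c2_connections`; for the hash check, pass the candidate file's bytes to `matches_report` and treat any partial match as a reason to pull the sample into a sandbox, not as a verdict.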

Targets

    • Target

      cf5d5032f819342982521a122f9e5f5a37274f614aa791ccdbb6e50ab84b1d3a

    • Size

      446KB

    • MD5

      898745b2ac1bed4f5590a3f68b868958

    • SHA1

      636be00c65940a257251c017c4ecb444115083bf

    • SHA256

      cf5d5032f819342982521a122f9e5f5a37274f614aa791ccdbb6e50ab84b1d3a

    • SHA512

      11fc76ddf878c6b4e9c50e033dd905f0be04a816d919c293a7839ae295bc3e26fbe34fc16a0b08e76438a68d0621e7ba53a02602f1d1683758d0646b771987a6

    • SSDEEP

      6144:+YyWzDI3pZCdgaf62qT2Ew+34Ua66+u4jPBq2pjSKcGd56:Sv3p4KaEX34UJ6+uw5q2pjxd5

    • RedLine

      RedLine Stealer is an information-stealing malware family written in C# (.NET) that first appeared in early 2020; it harvests browser credentials, cookies and cryptocurrency wallet data and sends them to the C2 listed in the extracted configuration.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks