General

  • Target

    8ee817d81f714a910062758529fbd1b02a4ec6bda7c3fc8de3c9edd007a32a9e

  • Size

    434KB

  • Sample

    241106-ttj4datcne

  • MD5

    312b848cd677fddc21d8d710d76bfb4c

  • SHA1

    1e26da6347706ed36de6e3778c15c927bab0f7aa

  • SHA256

    8ee817d81f714a910062758529fbd1b02a4ec6bda7c3fc8de3c9edd007a32a9e

  • SHA512

    4a3cfccae02030427a09ccbad5b4c1e3e8cc198ea7dc7ca804bb17616ef9cee3f6b93131c787f08c6209ab7c572d9253e31d623fd46add535d2860a05a6862a9

  • SSDEEP

    6144:MJTpi7bxjww3MK4zPcMZ4fPHsjcm8wldunH7qorYiQI/Q+VK1I:+ihF3QPXZ8sjfBlduneorYU/Q+V

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • Target

      8ee817d81f714a910062758529fbd1b02a4ec6bda7c3fc8de3c9edd007a32a9e

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
