General

  • Target

    ddbfe6639cb5ed0ec49b0721a6331797e262787664df9baa8ff00c4556c29aab

  • Size

    446KB

  • Sample

    241106-txlrdawlbq

  • MD5

    ad2eda6bfc8b9e7229cbaa44737de7aa

  • SHA1

    94c76669c6e798ecfce9e6c0965c271afcefec3c

  • SHA256

    ddbfe6639cb5ed0ec49b0721a6331797e262787664df9baa8ff00c4556c29aab

  • SHA512

    c0ea24726d707202f3e32f7739f0e62a29497b8cee06d37e41dde10aea72dcaf752129741ada602e133a49b2b2ed508dbc9253ac8576e605a32f5731c1c99531

  • SSDEEP

    6144:+YyWzDI3pZCdgaf62qT2Ew+34Ua66+u4jPBq2pjSKcGd56:Sv3p4KaEX34UJ6+uw5q2pjxd5

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • Target

      ddbfe6639cb5ed0ec49b0721a6331797e262787664df9baa8ff00c4556c29aab

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
