General

  • Target

    a05e1235140014fbc386509b650773a590d9e0b2f82023678d4d270ba0785738

  • Size

    446KB

  • Sample

    241106-ty7egaspew

  • MD5

    c307cddc504979e8c7a8eb89e06a9591

  • SHA1

    9e91241dd7ec8932cf969e59adfb43c16f43de3b

  • SHA256

    a05e1235140014fbc386509b650773a590d9e0b2f82023678d4d270ba0785738

  • SHA512

    75a36e028b67ba65f31a60059b4f76fccee25be631e8b8a7b994b2759749cc9ed1e5387eb2df1398a6f1feee125bb7d903f907033e392aa4e3360af7545a8a79

  • SSDEEP

    6144:+YyWzDI3pZCdgaf62qT2Ew+34Ua66+u4jPBq2pjSKcGd56:Sv3p4KaEX34UJ6+uw5q2pjxd5

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks