General

  • Target

    52ca48ff9da65b6db89e8d75fe2a88ee01d66e373bc2c27a78fc4a8ceb93f835

  • Size

    273KB

  • Sample

    241106-v583bavflk

  • MD5

    895e88f2c12d06b9d6814410a6244409

  • SHA1

    b1518428faff16188847e4a6f8f6952a06fee59a

  • SHA256

    52ca48ff9da65b6db89e8d75fe2a88ee01d66e373bc2c27a78fc4a8ceb93f835

  • SHA512

    259b2ea09a06d3a02719ed9f239780a8640718712fe08196c623ee92fc74c93d7548ed45225d0b8bff40edd9d9c73f566ae6871047f76f6cdfab772966490e56

  • SSDEEP

    6144:bdqL9TqYimTVI7rSr3n8NJpH0HtDZkuuIgZuUjptNrmCdT6VwLB:ZqJTq0TwQ8NJpH0NFkuyN9frmCde6L

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1
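
The hashes and C2 endpoint above are the actionable indicators in this report. The following is an added example (not part of the sandbox report, and not code from the Triage platform or the RedLine authors) showing how a responder would turn them into a check: it hashes a file's bytes against the report's MD5/SHA1/SHA256 and scans connection-log lines for traffic to the extracted C2. The log format (timestamp, src, sport, dst, dport, proto, tab-separated) and the log lines themselves are constructed for the example; real Zeek, firewall or proxy logs will need their own parser. The sample binary is not embedded here, so the hash check is shown on stand-in data.

```python
import hashlib
import re

# Indicators copied from the report above (redline / botnet "asia").
IOC_HASHES = {
    "md5": "895e88f2c12d06b9d6814410a6244409",
    "sha1": "b1518428faff16188847e4a6f8f6952a06fee59a",
    "sha256": "52ca48ff9da65b6db89e8d75fe2a88ee01d66e373bc2c27a78fc4a8ceb93f835",
}
# (host, port) pairs; a set so further extracted configs can be added.
C2_ENDPOINTS = {("45.9.20.240", 46257)}
C2_HOSTS = {host for host, _ in C2_ENDPOINTS}


def hash_file_bytes(data: bytes) -> dict:
    """Compute every digest type present in IOC_HASHES for the given bytes."""
    return {name: hashlib.new(name, data).hexdigest() for name in IOC_HASHES}


def match_hashes(data: bytes) -> list:
    """Return the names of the digest types that match the report's sample."""
    digests = hash_file_bytes(data)
    return [name for name, digest in digests.items() if digest == IOC_HASHES[name]]


# Constructed log format (hypothetical): ts  src  sport  dst  dport  proto
LOG_LINE_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<src>\S+)\s+(?P<sport>\d+)\s+(?P<dst>\S+)\s+(?P<dport>\d+)\s+(?P<proto>\S+)$"
)


def find_c2_connections(lines) -> list:
    """Flag connections to the extracted C2.

    An exact (host, port) match is reported as "exact"; a connection to the
    C2 host on another port is reported as "host-only", since stealer C2
    ports rotate and the operator may reuse the host. Malformed lines are
    skipped rather than raising, so a corrupt line cannot abort a scan.
    """
    hits = []
    for line in lines:
        m = LOG_LINE_RE.match(line.strip())
        if not m:
            continue
        dst, dport = m["dst"], int(m["dport"])
        if (dst, dport) in C2_ENDPOINTS:
            hits.append((m["ts"], m["src"], dst, dport, "exact"))
        elif dst in C2_HOSTS:
            hits.append((m["ts"], m["src"], dst, dport, "host-only"))
    return hits


# Constructed sample log lines; 203.0.113.10 is a documentation-range address.
SAMPLE_LOG = [
    "2024-11-06T12:00:01Z\t10.0.0.15\t51234\t203.0.113.10\t443\ttcp",
    "2024-11-06T12:00:03Z\t10.0.0.15\t51240\t45.9.20.240\t46257\ttcp",
    "2024-11-06T12:00:05Z\t10.0.0.22\t49152\t45.9.20.240\t80\ttcp",
    "not a log line",
]


if __name__ == "__main__":
    # Stand-in bytes: the real sample is not included, so no hash matches.
    print("hash matches on stand-in data:", match_hashes(b"stand-in, not the sample"))
    for hit in find_c2_connections(SAMPLE_LOG):
        print("C2 hit:", hit)
```

In practice, run `match_hashes(open(path, "rb").read())` over quarantined files and feed the real connection logs through `find_c2_connections`; a "host-only" hit warrants a look but is weaker evidence than the exact host and port from the extracted config.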

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks