General

  • Target

    c2f5d19f002a7ae38c705fa5b4abedd15b0d8a289b01143d361294148993ec1d

  • Size

    394KB

  • Sample

    241106-x21mwawhpl

  • MD5

    7b54997c8d4df26588519678d181b9c7

  • SHA1

    52c57445f7f4f4221b03b01ba3ad7013e4976f7b

  • SHA256

    c2f5d19f002a7ae38c705fa5b4abedd15b0d8a289b01143d361294148993ec1d

  • SHA512

    df3baea2183e10cfe0ced198e559e5ae617d0dac89cb3c5c664c7f36f7706b5dc1a09760f22af9e2a080a1b69fcc1f51a5098016dab5f2f5956efe1f911ee5c2

  • SSDEEP

    6144:JvY/hfaNsYeaDDHBYolh5nkRAnlEJa7xwZ124+JXerMchss+x1UkUV:iht/a3HuUMRu7xw7f+h/wss+ck

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
