General

  • Target

    f60daa7c0e3b3177955b1391ea95a6365805527bc571bb950d69346641bfaf33

  • Size

    433KB

  • Sample

    241106-x5dbrawdqf

  • MD5

    00e01dba95cbdbae587e6c8d2b1237d0

  • SHA1

    97795dccf3323c58c128c4f4c577385417d4d0be

  • SHA256

    f60daa7c0e3b3177955b1391ea95a6365805527bc571bb950d69346641bfaf33

  • SHA512

    887ccebb7109a51e01bc52e287f168311b8f7918cbe99b6483905999433b5803c4b5394d70b8248b885bd314d931c43d450911ac95e6fc84d9d9af0a73704dfd

  • SSDEEP

    12288:A23qDw0q1u4suLA7OTxt05stpu9fobrhJuGHlA:ACqcpZJLA762evuihb

Malware Config

Extracted

  • Family

    redline

  • Botnet

    asia

  • C2

    45.9.20.240:46257

  • Attributes

    auth_value: 218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
