General

  • Target

    dc57e7e07a05389b4594b78c4d1073934d694fc923bcd6ed31e7514344679f3f

  • Size

    394KB

  • Sample

    241106-xa7bcavhja

  • MD5

    49380de0083dc88ab1026aa231699fac

  • SHA1

    2576fea40336bf50bedc2a197881a2fa90d28b53

  • SHA256

    dc57e7e07a05389b4594b78c4d1073934d694fc923bcd6ed31e7514344679f3f

  • SHA512

    9b38eda1a41da42421e8bc3f95a259f15fee9b35bcb956bd6cebc076c57dd86c88544c4f8cda0e7a856d9b1c898908fc5d8379e652ffe326f8530af5e54cddf4

  • SSDEEP

    6144:JvY/hfaNsYeaDDHBYolh5nkRAnlEJa7xwZ124+JXerMchss+x1UkUV:iht/a3HuUMRu7xw7f+h/wss+ck

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • Target

      dc57e7e07a05389b4594b78c4d1073934d694fc923bcd6ed31e7514344679f3f

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
