General

  • Target: 2e478129543e9c0e4a454e7765e30db21fcc60af2fcb744f88451c771667fb42
  • Size: 434KB
  • Sample: 241106-xrl2qsvmht
  • MD5: 7f84c7e54686e2d93d83ee21d7bf13e5
  • SHA1: 9a738d93401388da390515df93bdaa8ef8ba5082
  • SHA256: 2e478129543e9c0e4a454e7765e30db21fcc60af2fcb744f88451c771667fb42
  • SHA512: e66533e6f77754705163cba3e61208ac6d77dfd3c36d223990f9d313735b9f02ed21ec8e0964e5238c58b85bb3bd6dbc7e5eff8468f9fd5794a8b72386d208b4
  • SSDEEP: 6144:Hr0QYxhADcxG776qrJvzPkAoaTCoWYCYe7oBAimyA0L2Zv:L0Q4hIcM7+0v7kN0CjYCYcoBAsA0L2p

Malware Config

Extracted

  • Family: redline
  • Botnet: asia
  • C2: 45.9.20.240:46257
  • Attributes
      • auth_value: 218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15
