General

  • Target

    4e5e324d5d1c37eba49d382668f660d691113a6e7f58e915e899a83e7c7b32a7

  • Size

    273KB

  • Sample

    241106-y7mhwaxcma

  • MD5

    152fad75620b78119fe0a70e181acba0

  • SHA1

    4bdcdfff1d7346cd5fcd7d5937ee5ae5fb27d388

  • SHA256

    4e5e324d5d1c37eba49d382668f660d691113a6e7f58e915e899a83e7c7b32a7

  • SHA512

    740b3dd24881d605f32224b8ef2d9e31dd19203123c77e0724ebf272ccf2984655ec32ab876cec602693378cb23caab7df7512a73d1904cf5f12fd53a26b6972

  • SSDEEP

    6144:bdqL9TqYimTVI7rSr3n8NJpH0HtDZkuuIgZuUjptNrmCdT6VwLB:ZqJTq0TwQ8NJpH0NFkuyN9frmCde6L

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1
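
The extracted configuration above is what an analyst actually operationalises: the C2 host:port goes into network detection, the hashes let a local copy be matched against this report. The script below does both. It is an added example, not the sandbox's or RedLine's own code; the hashes, botnet name, C2 address and auth_value are copied from this report, while the Zeek-style conn.log records, the field layout and the Suricata sid (1000001, a local-rules value) are constructed for the example.

```python
"""Operationalise the IOCs from the sandbox report above.

Added example; none of this is the sandbox's or RedLine's own code. The
indicators in REPORT are copied from the report; the log records, their
column layout and the Suricata sid are constructed for this example.
"""
from __future__ import annotations

import hashlib
import ipaddress

# Indicators copied verbatim from the report.
REPORT = {
    "family": "redline",
    "botnet": "asia",
    "c2": "45.9.20.240:46257",
    "auth_value": "218353fc70f3440d970e02bf6e2edeb1",
    "md5": "152fad75620b78119fe0a70e181acba0",
    "sha1": "4bdcdfff1d7346cd5fcd7d5937ee5ae5fb27d388",
    "sha256": "4e5e324d5d1c37eba49d382668f660d691113a6e7f58e915e899a83e7c7b32a7",
}


def parse_c2(c2: str) -> tuple[str, int]:
    """Split 'host:port' into (host, port); reject junk hosts and out-of-range ports."""
    host, _, port = c2.rpartition(":")
    ipaddress.ip_address(host)  # raises ValueError if host is not an IP literal
    port_num = int(port)
    if not 0 < port_num < 65536:
        raise ValueError(f"port out of range: {port}")
    return host, port_num


def hash_bytes(data: bytes) -> dict[str, str]:
    """Compute the digests the report lists, so a local file can be matched to it."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha512": hashlib.sha512(data).hexdigest(),
    }


def matches_report(data: bytes) -> bool:
    """True only if MD5, SHA-1 and SHA-256 all agree with the report (guards against a mistyped hash)."""
    digests = hash_bytes(data)
    return all(digests[alg] == REPORT[alg] for alg in ("md5", "sha1", "sha256"))


# Constructed Zeek conn.log-style records, tab-separated:
# ts, uid, id.orig_h, id.orig_p, id.resp_h, id.resp_p, proto
SAMPLE_CONN_LOG = """\
1730900001.12\tCabc1\t10.0.0.15\t49811\t142.250.74.46\t443\ttcp
1730900002.40\tCabc2\t10.0.0.15\t49812\t45.9.20.240\t46257\ttcp
1730900003.01\tCabc3\t10.0.0.22\t49813\t45.9.20.240\t80\ttcp
1730900004.77\tCabc4\t10.0.0.15\t49814\t8.8.8.8\t53\tudp
"""


def find_c2_connections(conn_log: str, c2: str = REPORT["c2"]) -> list[dict]:
    """Return records whose responder is exactly the reported C2 host AND port over TCP.

    Matching on host alone would also flag the port-80 record, which this
    report does not attribute to the C2.
    """
    host, port = parse_c2(c2)
    hits = []
    for line in conn_log.splitlines():
        if not line or line.startswith("#"):
            continue
        ts, uid, orig_h, orig_p, resp_h, resp_p, proto = line.split("\t")
        if resp_h == host and int(resp_p) == port and proto == "tcp":
            hits.append({"ts": float(ts), "uid": uid, "src": orig_h, "src_port": int(orig_p)})
    return hits


def suricata_rule(c2: str = REPORT["c2"], sid: int = 1000001) -> str:
    """Emit a host/port alert for the C2. sid 1000001 is an arbitrary local-rules value (assumption)."""
    host, port = parse_c2(c2)
    return (
        f"alert tcp $HOME_NET any -> {host} {port} "
        f'(msg:"RedLine C2 (botnet {REPORT["botnet"]}) from sandbox report"; '
        f"flow:to_server; sid:{sid}; rev:1;)"
    )


if __name__ == "__main__":
    for hit in find_c2_connections(SAMPLE_CONN_LOG):
        print(f"{hit['src']}:{hit['src_port']} -> C2 at {hit['ts']} (uid {hit['uid']})")
    print(suricata_rule())
```

The auth_value is carried in REPORT for completeness but not used in detection here: it is a per-build token inside the RedLine C2 exchange, and this page says nothing about how it appears on the wire, so no network signature for it is invented.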

Targets

    • Target

      4e5e324d5d1c37eba49d382668f660d691113a6e7f58e915e899a83e7c7b32a7

    • Size

      273KB

    • MD5

      152fad75620b78119fe0a70e181acba0

    • SHA1

      4bdcdfff1d7346cd5fcd7d5937ee5ae5fb27d388

    • SHA256

      4e5e324d5d1c37eba49d382668f660d691113a6e7f58e915e899a83e7c7b32a7

    • SHA512

      740b3dd24881d605f32224b8ef2d9e31dd19203123c77e0724ebf272ccf2984655ec32ab876cec602693378cb23caab7df7512a73d1904cf5f12fd53a26b6972

    • SSDEEP

      6144:bdqL9TqYimTVI7rSr3n8NJpH0HtDZkuuIgZuUjptNrmCdT6VwLB:ZqJTq0TwQ8NJpH0NFkuyN9frmCde6L

    • RedLine

      RedLine Stealer is an information-stealing malware family written in C# (.NET), first seen in early 2020.

    • RedLine payload

    • RedLine family

MITRE ATT&CK Enterprise v15

Tasks