General

  • Target

    7437a1019df1857bc39042a718a067d1a3348bcdfe6c99fb069ee2c072c12fe8

  • Size

    394KB

  • Sample

    241106-ylpfcawkc1

  • MD5

    314d9c50675e39fcc02caa85a5d0ec55

  • SHA1

    0f182f90fee125ed2da66f7b54904dc7096937e6

  • SHA256

    7437a1019df1857bc39042a718a067d1a3348bcdfe6c99fb069ee2c072c12fe8

  • SHA512

    8967edaa3eeeddddcb6dd4002b44bf0e5c996ddf95c4f1936a5956ba1d9f54fc3dfea6ffee91519321e3372234c3b2482c2bc6fe2c965c9dcd13a598b2002472

  • SSDEEP

    6144:lPi6qmtILCIkpkM6TocNPoK6PoeZWubwJzOPajIJ+ZMabu0xJMan11zA:l6UWLHkp5In8wJkajQ+eVIJMaQ

Malware Config

Extracted

  • Family

    redline

  • Botnet

    asia

  • C2

    45.9.20.240:46257

  • Attributes

    auth_value: 218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
