General

  • Target

    fac8c89f4b8ceb63b90dc63b6438cb28ef7f8f1b70bce2541a9ace2b1caec255

  • Size

    394KB

  • Sample

    241106-ysgzvaxdqp

  • MD5

    9b944c4067dc261cdfb275f298265afe

  • SHA1

    ad0fb95dda5951b17efec780bb7119ea6841ebfd

  • SHA256

    fac8c89f4b8ceb63b90dc63b6438cb28ef7f8f1b70bce2541a9ace2b1caec255

  • SHA512

    f374d2a4c35af68f8e5b48d6c1a167e54b005f35bc615acc193cb7986b7bd515cb2e3c6b8825e3ca310d3c604b4b8e9e6bf282299b87464a2378adad74bc10e6

  • SSDEEP

    6144:lPi6qmtILCIkpkM6TocNPoK6PoeZWubwJzOPajIJ+ZMabu0xJMan11zA:l6UWLHkp5In8wJkajQ+eVIJMaQ

Malware Config

Extracted

  • Family

    redline

  • Botnet

    asia

  • C2

    45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks