General

  • Target: b2432395f97a36b408799be28e8710955ec7be30e3d00596d0bc4123598e3311
  • Size: 446KB
  • Sample: 241106-ywjmvawlgz
  • MD5: f3a6014945b7ccb8ef6675622123cbb4
  • SHA1: 8e1686f3a1da122815ec4d3a478facf695e243fe
  • SHA256: b2432395f97a36b408799be28e8710955ec7be30e3d00596d0bc4123598e3311
  • SHA512: 8aae20a569253ddba07ae4dd56132729be1aa44482065b498c5b72e442dde8c132108084bf9fa274441e341ad02114104b62dd7e3f7600843c8825d053b97e65
  • SSDEEP: 6144:+joYSL1G2fCi9q2IxEjfR9uTCCZC9+IpUrfi7+Pe7cTT6Hin6v9R:FbGCIEjfRulC9+IerfaYe7LW6v

Malware Config

Extracted

  • Family: redline
  • Botnet: asia
  • C2: 45.9.20.240:46257
  • Attributes
    • auth_value: 218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
    • RedLine payload
    • Redline family
