General

  • Target

    f35328e26feddc351dcb33f3ecc42a4313a86244c49b4c57a8c2994a37b3e835

  • Size

    273KB

  • Sample

    241106-zlz3hszmcq

  • MD5

    f253dc3504acea2db99d83ce738a8e17

  • SHA1

    99f8e157bd0c53c5382282f69b449d2de8a5f3b5

  • SHA256

    f35328e26feddc351dcb33f3ecc42a4313a86244c49b4c57a8c2994a37b3e835

  • SHA512

    0235ddd4336075ee97f4effbe7ebbcf695dd7ea787dc0d45e63d5686cb307de47f5414e81630d578b00b8e799123ad793bd7db93a6b598c7f71d7283f960bcca

  • SSDEEP

    6144:ppXL09yoFML3jGXA8DHiKbCzM1OWXz89yUs46ntHyrst2B:HXayoFcKTfUKY96VnFgst2

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1
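The extracted config above is the part of this report a SOC acts on. The following is an added Python example, not part of the sandbox report and not RedLine tooling of any kind: it parses a copy of the config block (reproduced inline as constructed input, in the report's own key / blank line / value layout), validates the C2 endpoint before it is turned into a rule, emits a Suricata rule for outbound traffic to that C2, sanity-checks the listed hashes, and hashes arbitrary bytes against them. The rule's sid, msg text and classtype are this example's own choices.

```python
import hashlib
import ipaddress

# Constructed copy of the report's "Malware Config" block, kept in the report's
# own layout (label, blank line, value) so the parser can be exercised offline.
REPORT_CONFIG = """\
Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1
"""

# Hashes exactly as listed in the report's General section.
REPORT_HASHES = {
    "md5": "f253dc3504acea2db99d83ce738a8e17",
    "sha1": "99f8e157bd0c53c5382282f69b449d2de8a5f3b5",
    "sha256": "f35328e26feddc351dcb33f3ecc42a4313a86244c49b4c57a8c2994a37b3e835",
    "sha512": "0235ddd4336075ee97f4effbe7ebbcf695dd7ea787dc0d45e63d5686cb307de4"
              "7f5414e81630d578b00b8e799123ad793bd7db93a6b598c7f71d7283f960bcca",
}

# Section labels in the report that carry no value of their own.
_SECTION_LABELS = {"Malware Config", "Extracted", "Attributes"}


def parse_config(text):
    """Parse the label / blank / value layout into a dict with lower-cased keys.
    Bullet markers and indentation are stripped before pairing lines."""
    tokens = [ln.strip().lstrip("•").strip() for ln in text.splitlines()]
    tokens = [t for t in tokens if t]
    cfg, i = {}, 0
    while i < len(tokens):
        key = tokens[i]
        if key in _SECTION_LABELS:
            i += 1
            continue
        if i + 1 >= len(tokens):
            raise ValueError(f"config key {key!r} has no value")
        cfg[key.lower()] = tokens[i + 1]
        i += 2
    return cfg


def parse_c2(c2):
    """Split 'host:port' and reject anything that is not a valid IP address and
    port, so a garbled report line cannot become a broken or over-broad rule."""
    host, sep, port = c2.rpartition(":")
    if not sep:
        raise ValueError(f"C2 entry {c2!r} has no port")
    ip = ipaddress.ip_address(host)  # raises ValueError on non-IP text
    port = int(port)
    if not 0 < port < 65536:
        raise ValueError(f"port {port} out of range")
    return str(ip), port


def suricata_rule(cfg, sid=1000001):
    """Build a Suricata rule for outbound traffic to the C2 (sid/msg are assumed)."""
    ip, port = parse_c2(cfg["c2"])
    msg = f'{cfg["family"].upper()} C2 botnet={cfg["botnet"]} auth_value={cfg["auth_value"]}'
    return (f'alert tcp $HOME_NET any -> {ip} {port} (msg:"{msg}"; '
            f'flow:to_server,established; classtype:trojan-activity; '
            f'sid:{sid}; rev:1;)')


def validate_report_hashes(hashes):
    """Return names of hashes whose hex length or alphabet does not fit the
    algorithm: a copy/paste check on the report before the values are shared."""
    bad = []
    for name, hexdigest in hashes.items():
        if (len(hexdigest) != hashlib.new(name).digest_size * 2
                or any(c not in "0123456789abcdef" for c in hexdigest)):
            bad.append(name)
    return bad


def matches_report(data, hashes=REPORT_HASHES):
    """Hash bytes with every algorithm in the report; return the names that match.
    An empty list means the bytes are not the reported sample."""
    return [name for name, hexdigest in hashes.items()
            if hashlib.new(name, data).hexdigest() == hexdigest]


if __name__ == "__main__":
    cfg = parse_config(REPORT_CONFIG)
    print(suricata_rule(cfg))
    print("malformed hash entries:", validate_report_hashes(REPORT_HASHES))
    print("constructed bytes match:", matches_report(b"not the sample"))
```

The C2 validation step is deliberate: sandbox reports are copied by hand into rule sets, and a stray character in the host or port would otherwise end up in production detection without anyone noticing.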

Targets

    • Target

      f35328e26feddc351dcb33f3ecc42a4313a86244c49b4c57a8c2994a37b3e835

    • Size

      273KB

    • MD5

      f253dc3504acea2db99d83ce738a8e17

    • SHA1

      99f8e157bd0c53c5382282f69b449d2de8a5f3b5

    • SHA256

      f35328e26feddc351dcb33f3ecc42a4313a86244c49b4c57a8c2994a37b3e835

    • SHA512

      0235ddd4336075ee97f4effbe7ebbcf695dd7ea787dc0d45e63d5686cb307de47f5414e81630d578b00b8e799123ad793bd7db93a6b598c7f71d7283f960bcca

    • SSDEEP

      6144:ppXL09yoFML3jGXA8DHiKbCzM1OWXz89yUs46ntHyrst2B:HXayoFcKTfUKY96VnFgst2

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks