General

  • Target

    2e8803530006789f5519f011b8ab0c5ce666232d9419a88d21d8dd5108af7892

  • Size

    446KB

  • Sample

    241107-m3c8vs1ekk

  • MD5

    e4e379b5b282b79ce8482c75965a9aee

  • SHA1

    6276bbe4d6288f3066cab3b5b0b75168e8b4ab6b

  • SHA256

    2e8803530006789f5519f011b8ab0c5ce666232d9419a88d21d8dd5108af7892

  • SHA512

    f7612b99b14a50bbdd06cebbf1f2ca1872a8e73a6350e6bdce94fc951df2fd9cd89a6c31be98d3bf77666ae81fd933c48a54751868e63354749407cfeced8e33

  • SSDEEP

    12288:S8ejRy6JaJelQM6uGOKMaWxHJpizjWs4M:XqYes3MxxHJpR7M

Malware Config

Extracted

  • Family

    redline

  • Botnet

    asia

  • C2

    45.9.20.240:46257

  • Attributes

      • auth_value

        218353fc70f3440d970e02bf6e2edeb1

Targets

    • Target

      2e8803530006789f5519f011b8ab0c5ce666232d9419a88d21d8dd5108af7892

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks