General

  • Target

    19d381cfd68bcbc016a291b3601494e2eaf8d65c0bf623fb8864b4e4c254e648

  • Size

    394KB

  • Sample

    241107-mqw57s1cnn

  • MD5

    1e19f9e6c32691cb00b4bb8b6477e6c4

  • SHA1

    ca646c97b32069037a98937541365ee556116e8c

  • SHA256

    19d381cfd68bcbc016a291b3601494e2eaf8d65c0bf623fb8864b4e4c254e648

  • SHA512

    8ccaf16e611d5739429693fce8cc3cd2b18a987e9bf2f2778d054ccb4329d34b7bc5c8a120628dd0e6daab6b4485b7fe94ec68875f6608d271d7d8dadff1d8dc

  • SSDEEP

    6144:JvY/hfaNsYeaDDHBYolh5nkRAnlEJa7xwZ124+JXerMchss+x1UkUV:iht/a3HuUMRu7xw7f+h/wss+ck

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes

  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks