General

  • Target

    0e2ff19e69e804065723d898998d0f1a844889ada4667ffde702c97554635b4d

  • Size

    433KB

  • Sample

    241107-ncy83szrbz

  • MD5

    5d650c5f19b995f2786699b0dfdd6959

  • SHA1

    549c46e69ada39c0518af8210aa770e7f6e1baa9

  • SHA256

    0e2ff19e69e804065723d898998d0f1a844889ada4667ffde702c97554635b4d

  • SHA512

    e5e69e37738a2cb7ef95451992ded10ea214deec82e9561624b9c981dfcee74c53db1d7bc2bef4e081d1ec504504397ba45d0ef663dc5d80a4f7936f0fcbf017

  • SSDEEP

    12288:e1XjK6akObaCR71RWmXgYCR7Veo8R3T/+8NpKS:eak4J1LqA9+Ch

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
