General

  • Target: b6ea11081ac91b45be0e4f69ea37dcdd6b8e4e17934740a648be472e9c19d568
  • Size: 434KB
  • Sample: 241107-nmgrsa1jev
  • MD5: 295fdb15f8b5658dd328d82541371d5c
  • SHA1: 49cb6b0c6d28fbdd9bd87f81ba6a924a2307456f
  • SHA256: b6ea11081ac91b45be0e4f69ea37dcdd6b8e4e17934740a648be472e9c19d568
  • SHA512: b667d53d1e074ae48263f8c7e73af51529261214cbc87d3a38983dbba9f534b8746d548938955525b02335f840b21228eb2a7b64747115363721353f2a1408aa
  • SSDEEP: 6144:jT+p2+wmSFThVQdmWGwMLqlhC5wvsu6GZcfo0Hz21OOuq0tc+o:Pw6FHimWrJhC5Osu6G6fo0HzLOuq0tj

Malware Config

Extracted

  • Family: redline
  • Botnet: asia
  • C2: 45.9.20.240:46257

Attributes
  • auth_value: 218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks