General

  • Target

    51117d61803d4ee1e1d3a8a47fdd567632b5c2a21e1c0e374ca0cbbc2bf3e90c

  • Size

    394KB

  • Sample

    241107-p22k6svnam

  • MD5

    51281890085e33407db45f1d75f157e4

  • SHA1

    4593773bbf4e25bce9276cb3d3f12a0002929f93

  • SHA256

    51117d61803d4ee1e1d3a8a47fdd567632b5c2a21e1c0e374ca0cbbc2bf3e90c

  • SHA512

    2c5e2d72b3a4dbb6d39d8a60afaa970a3723e3ffe991d7dab6fdac5e94579822229b77c1e8bd0d4b2ccf89da288aa9a90e8d66466ab37fe349e3f4c1b8cc9f72

  • SSDEEP

    6144:JvY/hfaNsYeaDDHBYolh5nkRAnlEJa7xwZ124+JXerMchss+x1UkUV:iht/a3HuUMRu7xw7f+h/wss+ck

Malware Config

Extracted

  • Family

    redline

  • Botnet

    asia

  • C2

    45.9.20.240:46257

  • Attributes

    auth_value: 218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
