General

  • Target

    3db03eacd39dd2873fbea38edece2cb545e8e25e8705cbbb9ea2d558edbf1c39

  • Size

    394KB

  • Sample

    241107-p5sgns1rey

  • MD5

    7dea85bb45edef83f4532665cba4edd4

  • SHA1

    8293f460830525eda5b3f46643c57332d40e1355

  • SHA256

    3db03eacd39dd2873fbea38edece2cb545e8e25e8705cbbb9ea2d558edbf1c39

  • SHA512

    57e39d640f870f275327a084269e1b64be60d0dc016169a9a2baf0a99f7dc45c69fc660491b4d6bbb72e57d45f00cf1961939dd53fae931c32b35ea1e77c0132

  • SSDEEP

    6144:JvY/hfaNsYeaDDHBYolh5nkRAnlEJa7xwZ124+JXerMchss+x1UkUV:iht/a3HuUMRu7xw7f+h/wss+ck

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
