General

  • Target: 0a73f80640f1b8f98e67983adc63ff1a33d67efb4382fad2869a94254d715a20
  • Size: 434KB
  • Sample: 241107-pnlmsssdnq
  • MD5: ec5169771b20e296798295a74b9873e8
  • SHA1: bcd8a67d57b598ab2b48d81032f08a4d328daffc
  • SHA256: 0a73f80640f1b8f98e67983adc63ff1a33d67efb4382fad2869a94254d715a20
  • SHA512: 447c68a292f4e4a64afbe8f6de35519b6c2df012cb6532c44db98f9e15226b993f53a76420f7b238ea1e62d4d2a964056eea30bceb71c2a6a0e52b6a81226d7c
  • SSDEEP: 6144:Hr0QYxhADcxG776qrJvzPkAoaTCoWYCYe7oBAimyA0L2Zv:L0Q4hIcM7+0v7kN0CjYCYcoBAsA0L2p

Malware Config

Extracted

  • Family: redline
  • Botnet: asia
  • C2: 45.9.20.240:46257
  • Attributes
      • auth_value: 218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
    • RedLine payload
    • Redline family

MITRE ATT&CK Enterprise v15

Tasks