General

  • Target

    3c239ba68a121fe318952a26fffdc0671ecd0f75edd9e97999f959daf9c43aac

  • Size

    434KB

  • Sample

    241107-q7se5awkfq

  • MD5

    35225fd32445b5447bb72911c0a744bd

  • SHA1

    3cdd376fc795a8f6d5d8a4a5726d4df99b78d848

  • SHA256

    3c239ba68a121fe318952a26fffdc0671ecd0f75edd9e97999f959daf9c43aac

  • SHA512

    09a9bd06b2a61f0a5c0b25dd66c14731d5270d464d8a5581bab6f762926d722bd854391eae3b447f8b4e6417ca72cc0370f0c17e0e26f9ba393affeeb0549db2

  • SSDEEP

    6144:Hr0QYxhADcxG776qrJvzPkAoaTCoWYCYe7oBAimyA0L2Zv:L0Q4hIcM7+0v7kN0CjYCYcoBAsA0L2p

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • Target

      3c239ba68a121fe318952a26fffdc0671ecd0f75edd9e97999f959daf9c43aac

    • Size

      434KB

    • MD5

      35225fd32445b5447bb72911c0a744bd

    • SHA1

      3cdd376fc795a8f6d5d8a4a5726d4df99b78d848

    • SHA256

      3c239ba68a121fe318952a26fffdc0671ecd0f75edd9e97999f959daf9c43aac

    • SHA512

      09a9bd06b2a61f0a5c0b25dd66c14731d5270d464d8a5581bab6f762926d722bd854391eae3b447f8b4e6417ca72cc0370f0c17e0e26f9ba393affeeb0549db2

    • SSDEEP

      6144:Hr0QYxhADcxG776qrJvzPkAoaTCoWYCYe7oBAimyA0L2Zv:L0Q4hIcM7+0v7kN0CjYCYcoBAsA0L2p

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks