General

  • Target: 5f56377cccb0d8b81e1335fae690007cf4c0bb2009d177d68b64f4f5213b3540
  • Size: 434KB
  • Sample: 241107-qb52casfra
  • MD5: b0b2b774a56f6d176bfe79fde595aa57
  • SHA1: b781d85172d836cde7963545a25cef4c7ca9931e
  • SHA256: 5f56377cccb0d8b81e1335fae690007cf4c0bb2009d177d68b64f4f5213b3540
  • SHA512: 864e8ce0e1b1a05d4fce8539bfe472825147ec7d2a81cda50136fd70665d0dca601f094776fed96a571e37a30a967d1d674f6ed963599e453472097ffe2ee041
  • SSDEEP: 12288:OIVUIC/qcIs72/cPQIInQAoqMQdds+4R:OKUIC/2CPQVQdW3

Malware Config

Extracted

  • Family: redline
  • Botnet: asia
  • C2: 45.9.20.240:46257
  • Attributes
      • auth_value: 218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks