General

  • Target

    3dfb635ef2964cf9c8e512c8725b473606c1b6a67bec60ef5014ab7a1f2a0ed2

  • Size

    433KB

  • Sample

    241107-rgqpaateka

  • MD5

    58d5f6716b500561d6204d7878b8bb27

  • SHA1

    721443ca78b4902a3c86615834b6556a829876f8

  • SHA256

    3dfb635ef2964cf9c8e512c8725b473606c1b6a67bec60ef5014ab7a1f2a0ed2

  • SHA512

    8096174c7de2b0db35869e402aa8a8cb93ece4a05c49282b416ea1af8cbf1c17e316c926a139741932fa73dd3a1f24908a064a47bfc8ebd9389ad80437c5db26

  • SSDEEP

    6144:gkzT5Nf9ZbDnOgfq1HjKNi+Hn33b8poHwiMc4oKoN3:fT5XZ+gfqdjKNdHn33bAoHwQ4oKM

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1
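The extracted config is the actionable part of this report: the three strong hashes identify this exact build, and the C2 endpoint 45.9.20.240:46257 is what the sample phones home to. The following Python script is an added example, not part of the sandbox report or of any RedLine tooling: it transcribes those indicators and runs two checks a responder would want, hashing a file and comparing it with the reported digests, and scanning a connection log for flows to the reported C2. The Zeek-style conn.log lines are constructed for the example; the indicator values are copied from the report.

```python
"""IOC checks built from the sandbox report's extracted config (added example).

Indicators below are transcribed from the report. The conn.log excerpt is
constructed for this example and is not real traffic.
"""
import hashlib

REPORT_HASHES = {
    "md5": "58d5f6716b500561d6204d7878b8bb27",
    "sha1": "721443ca78b4902a3c86615834b6556a829876f8",
    "sha256": "3dfb635ef2964cf9c8e512c8725b473606c1b6a67bec60ef5014ab7a1f2a0ed2",
}
C2_IP = "45.9.20.240"
C2_PORT = 46257


def hash_bytes(data: bytes) -> dict:
    """Return md5/sha1/sha256 hex digests of data, feeding all three hashers in one pass."""
    digests = {name: hashlib.new(name) for name in REPORT_HASHES}
    for d in digests.values():
        d.update(data)
    return {name: d.hexdigest() for name, d in digests.items()}


def hash_file(path: str, chunk_size: int = 1 << 20) -> dict:
    """Stream a file through the three hashers so a large sample need not fit in memory."""
    digests = {name: hashlib.new(name) for name in REPORT_HASHES}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for d in digests.values():
                d.update(chunk)
    return {name: d.hexdigest() for name, d in digests.items()}


def match_hashes(digests: dict) -> list:
    """Names of the algorithms whose digest equals the report's value (case-insensitive)."""
    return [name for name, value in REPORT_HASHES.items()
            if digests.get(name, "").lower() == value]


# Constructed Zeek-style conn.log excerpt (tab-separated). Only the columns used
# here are present: ts, uid, id.orig_h, id.orig_p, id.resp_h, id.resp_p, proto.
SAMPLE_CONN_LOG = """\
#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto
1730989200.101\tCx1a\t10.0.0.15\t49812\t45.9.20.240\t46257\ttcp
1730989201.552\tCx1b\t10.0.0.15\t49813\t142.250.74.46\t443\ttcp
1730989205.900\tCx1c\t10.0.0.22\t51022\t45.9.20.240\t80\ttcp
1730989210.333\tCx1d\t10.0.0.22\t51023\t45.9.20.240\t46257\ttcp
"""


def find_c2_connections(log_text: str, ip: str = C2_IP, port: int = C2_PORT,
                        any_port: bool = False) -> list:
    """Return (ts, uid, orig_h) for each flow whose responder is the reported C2.

    By default only the exact ip:port pair from the config counts as a hit; with
    any_port=True every flow to the C2 host is returned, which is the looser
    check worth running for follow-up triage (the port-80 flow to the same host
    in the sample log is the case it is meant to surface).
    """
    hits = []
    for line in log_text.splitlines():
        if not line or line.startswith("#"):
            continue
        ts, uid, orig_h, _orig_p, resp_h, resp_p, _proto = line.split("\t")
        if resp_h == ip and (any_port or int(resp_p) == port):
            hits.append((ts, uid, orig_h))
    return hits


if __name__ == "__main__":
    # Demonstrate on bytes that are obviously not the sample, then on the log.
    print("hash match on dummy bytes:", match_hashes(hash_bytes(b"not the sample")))
    for ts, uid, host in find_c2_connections(SAMPLE_CONN_LOG):
        print(f"C2 contact: {host} at {ts} (uid {uid})")
```

Two caveats a practitioner would keep in mind: the hash match only catches this exact build, since any rebuild changes every digest, whereas the C2 and the auth_value are properties of the operator's configuration and survive repacking; and the C2 IP:port is time-bound, so treat it as a hunting lead over the window around the sample date rather than a permanent blocklist entry.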

Targets

    • Target

      3dfb635ef2964cf9c8e512c8725b473606c1b6a67bec60ef5014ab7a1f2a0ed2

    • Size

      433KB

    • MD5

      58d5f6716b500561d6204d7878b8bb27

    • SHA1

      721443ca78b4902a3c86615834b6556a829876f8

    • SHA256

      3dfb635ef2964cf9c8e512c8725b473606c1b6a67bec60ef5014ab7a1f2a0ed2

    • SHA512

      8096174c7de2b0db35869e402aa8a8cb93ece4a05c49282b416ea1af8cbf1c17e316c926a139741932fa73dd3a1f24908a064a47bfc8ebd9389ad80437c5db26

    • SSDEEP

      6144:gkzT5Nf9ZbDnOgfq1HjKNi+Hn33b8poHwiMc4oKoN3:fT5XZ+gfqdjKNdHn33bAoHwQ4oKM

    • RedLine

RedLine Stealer is an information-stealing malware family written in C# for .NET, first observed in early 2020 and sold as malware-as-a-service. It harvests saved browser credentials, cookies and autofill data, cryptocurrency wallet files and basic system information, and sends them to the C2 endpoint embedded in its configuration.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks