General

  • Target

    e87610e369a5b84a0d2c20286982dc44dfe52d06b46422256c21e959665d44c7

  • Size

    287KB

  • Sample

    241107-rr72bawnhk

  • MD5

    4633479c86c3d6127f1625c9c583ac28

  • SHA1

    1bf802ce163b894eb1f239f6ddbdfc4cc109d360

  • SHA256

    e87610e369a5b84a0d2c20286982dc44dfe52d06b46422256c21e959665d44c7

  • SHA512

    582cae7e5337ecaea47a9a644b8714883f8fb83400a3eb07dd9a8bb57fd5d6c5dfe0bbd00f382a00bce44a89d6b841b4847090091349af10388d126c56364e38

  • SSDEEP

    6144:q8qL1Obq8+80T6tPZO0jalKzoXQ8t/3nz9mqok7vRZuzbgwu9snB:xqcbq8+8K0u7Q8t/5xbunnp

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
