General

  • Target

    70e13c4c01d7f438e542f88614b4a8a5bbafeded2f107558cdea65ec6f9c6269

  • Size

    434KB

  • Sample

    241107-rxhnlstgnp

  • MD5

    aeafc7fb153adbd3c9b7b38f1006c071

  • SHA1

    4433e469634fa96a555a3750b8cb904813c2a928

  • SHA256

    70e13c4c01d7f438e542f88614b4a8a5bbafeded2f107558cdea65ec6f9c6269

  • SHA512

    ef2e0415724653a3496ae37c685bc7496a8d2a24e5f38bc810a3e3c2efd97a0dfb25ced905bf4e55e074bada8ce64e28f0ad6876b7b177676d88b6906c038da0

  • SSDEEP

    6144:z6b0HLLvfYOGa7hFs+TMrSwRoSIPbYVMoNr/psoF3736O1GdkT3TBNht:b6avJMvoS6bgMoNr/psoFr36O+kT3F

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
