General

  • Target: 6a5ff16793f9996560a324d269d531a75f541a88adb8dd6aa46f4a8c114a2241
  • Size: 274KB
  • Sample: 241107-srk28atqat
  • MD5: c7fe6d44439f4d81946fedf431e12f8d
  • SHA1: b9a0ac2fe41e66c0c49f1989466102b710a10003
  • SHA256: 6a5ff16793f9996560a324d269d531a75f541a88adb8dd6aa46f4a8c114a2241
  • SHA512: ce6e3d36490e1a594406c396ea8a3ffaf525eec45bc73e90c2c6a4929a9dcb3df4ac61c0c9b49602559b6c9e2e8bfc1a75f6941cd32fd8f3b41ed65754916bd8
  • SSDEEP: 6144:9IKLljKVST80mz2sahmyhHJ7edIQh/ZB:CKFKVSFmqsUPhp7gIQj

Malware Config

Extracted

  • Family: redline
  • Botnet: asia
  • C2: 45.9.20.240:46257
  • Attributes
      • auth_value: 218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
    • RedLine payload
    • Redline family

MITRE ATT&CK Enterprise v15

Tasks