General

  • Target

    13d8cc8a5865b0d100d406358b1f38d1d9722c3b0407278480fb607cda9c4a61

  • Size

    446KB

  • Sample

    241107-ssstfsxlbl

  • MD5

    d527e7bb5b974719d5761c3b9ca62211

  • SHA1

    6277ae6d7451cda497e324910cf0364d06b571a1

  • SHA256

    13d8cc8a5865b0d100d406358b1f38d1d9722c3b0407278480fb607cda9c4a61

  • SHA512

    2e5edaf720aa0953a2dfbd7270c93a85c01b5a9533db27bc278030b4a9c7571825cb6a6ad55f302124deb7b8cd53969a1219be690da631b4f52c6d8917726387

  • SSDEEP

    6144:eg+lNH+X9g4imz2aXhFynFk5wrarFSv0Ytn33CXjIi5xLS6xP5Of8CqK:E3vmz2UyO5yarIcc33CTv5xLnxOf

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • Target

      13d8cc8a5865b0d100d406358b1f38d1d9722c3b0407278480fb607cda9c4a61

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
