General

  • Target

    54add3011a491f5deb9d7a79137f8123966c0bddc1e938cbef7a2d395b1e878e

  • Size

    434KB

  • Sample

    241107-telzesxpfp

  • MD5

    426868efe2a242101e9578ad1b85c9f6

  • SHA1

    cf1e8387005bd545bd04ac9bae329bf6a0fd168d

  • SHA256

    54add3011a491f5deb9d7a79137f8123966c0bddc1e938cbef7a2d395b1e878e

  • SHA512

    163d3f1759f3e6b4fbfe4955aef30339ca01c3d03e64deab24c2084ddf4806cc73c1acb007d3909b5512378ed92b3288d3a3084e2b99387d7ce640320dfab379

  • SSDEEP

    6144:jT+p2+wmSFThVQdmWGwMLqlhC5wvsu6GZcfo0Hz21OOuq0tc+o:Pw6FHimWrJhC5Osu6G6fo0HzLOuq0tj

Malware Config

Extracted

  • Family

    redline

  • Botnet

    asia

  • C2

    45.9.20.240:46257

  • Attributes

    auth_value: 218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks