General

  • Target: ad807f9956754537b4d950ed119d861e34c16fd6e5c9d53801ea9798f8a0ee7d
  • Size: 432KB
  • Sample: 241107-tsga4avmdy
  • MD5: 20d13a105ef7fded232a7df56ee890cd
  • SHA1: 61c91cbaae574236243bc2849a50563e31ac6567
  • SHA256: ad807f9956754537b4d950ed119d861e34c16fd6e5c9d53801ea9798f8a0ee7d
  • SHA512: 148ef22b580652e9539e6625dace17cf7cdc30306beb3b14e9cfb3afb560c3e05f2b58916dda9b97e6db4338e353594724af2e489b5edb46c02595b7e35f33ec
  • SSDEEP: 6144:yGO9Zbg+pdyt8LlZuPpTOl2eV7pw5fq22bM0harV83KpzZWK3g2tF0:VO91g+pdytWZucV2E3harS3KpMK3g2T

Malware Config

Extracted

  • Family: redline
  • Botnet: asia
  • C2: 45.9.20.240:46257
  • Attributes
    • auth_value: 218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
    • RedLine payload
    • Redline family

MITRE ATT&CK Enterprise v15

Tasks