General

  • Target

    115eb697cd671f8239a09c2bd25245ac757d0d844da5227b8becfb15d1e92e53

  • Size

    436KB

  • Sample

    241107-vhl92aymdp

  • MD5

    e829ecdb4234eab3e30abefe06357be6

  • SHA1

    5a9c0289989fdf580a185b0c4095f5d33f4347e0

  • SHA256

    115eb697cd671f8239a09c2bd25245ac757d0d844da5227b8becfb15d1e92e53

  • SHA512

    a9400bbe7b879b274657b336c791dca9f21b389f446b5a7d9c420bc62f978001b0007dd02f431c7cd96cd44732813c4bbef77272343ecc54e73adb91666ef45d

  • SSDEEP

    6144:X/0waUW+rJNWUeGxIasIAzQ58Kw1s84Ytb12vohdyWCkEq/a172N:dJNteAMISQaK784Ytb1QohdskEq2

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
