General

  • Target

    3efef3ed78e9a06dcbad5ec8972d0a7d473ead2616851cdb52d9714873183ca1

  • Size

    436KB

  • Sample

    241107-vqlngawfjh

  • MD5

    d115e1b9b2e794b255cb79293cba22d4

  • SHA1

    837d7dc36cb7bee6e61f09b44e51297a56e68b6e

  • SHA256

    3efef3ed78e9a06dcbad5ec8972d0a7d473ead2616851cdb52d9714873183ca1

  • SHA512

    51929c40b7c696664e4b9ad415c9823b5d5044c22d963bda5cfec1fafadab8b7698be054b4b1708db6a90093a112cfafd0b868304043bb7391649f3dc0776caf

  • SSDEEP

    6144:X/0waUW+rJNWUeGxIasIAzQ58Kw1s84Ytb12vohdyWCkEq/a172N:dJNteAMISQaK784Ytb1QohdskEq2

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • Target

      3efef3ed78e9a06dcbad5ec8972d0a7d473ead2616851cdb52d9714873183ca1

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
