General

  • Target

    7bea827512b1bc007bfe903d0e1b2309232279a28999fbad446764baa2ec8b71

  • Size

    434KB

  • Sample

    241108-g4hxvaxerk

  • MD5

    9a2f62a9bf000dc5d9654864998211dd

  • SHA1

    92d031675ad2f0a648ea6172503ce0f201a77185

  • SHA256

    7bea827512b1bc007bfe903d0e1b2309232279a28999fbad446764baa2ec8b71

  • SHA512

    e6b82d2b710117367ad0d1a07333c0b184e4d85d10834c32e0e481dc150d6b29df37e4af21d1a874476a47050ee7123fea9350cc1fda741811abe96c03782896

  • SSDEEP

    12288:OIVUIC/qcIs72/cPQIInQAoqMQdds+4R:OKUIC/2CPQVQdW3

Malware Config

Extracted

  • Family

    redline

  • Botnet

    asia

  • C2

    45.9.20.240:46257

  • Attributes

    auth_value: 218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks