General

  • Target

    cafd45356a184d4d5fdb42f4af831f04eb047a3f3e6cafe2520d8ae4062f8ced

  • Size

    434KB

  • Sample

    241108-g5vb9sxdqb

  • MD5

    766f561988213acdacc4bb076d1b875d

  • SHA1

    2a185748e50881d6b03ce136252f1aba08a342cf

  • SHA256

    cafd45356a184d4d5fdb42f4af831f04eb047a3f3e6cafe2520d8ae4062f8ced

  • SHA512

    f41886c609d95930bd8c14a71645b73f3979c0a3188167d6bf20b51398b1f0f2ab4072fcf2487634d0fb09b82570abd971b50371b669f828101a92a848690c73

  • SSDEEP

    6144:MJTpi7bxjww3MK4zPcMZ4fPHsjcm8wldunH7qorYiQI/Q+VK1I:+ihF3QPXZ8sjfBlduneorYU/Q+V

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes

  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks