General

  • Target

    ba3599fcc100f3ef2b201c241c5ec7458f81a6c7a1f7c67f90fd0176903bf387

  • Size

    446KB

  • Sample

    241108-gdknrayqdl

  • MD5

    83755ae8844af6ed580fbce6bf6753e4

  • SHA1

    945edc75da9c012a92310b3ff30727a368a1a9d2

  • SHA256

    ba3599fcc100f3ef2b201c241c5ec7458f81a6c7a1f7c67f90fd0176903bf387

  • SHA512

    b777202d9cc55cf79df5585bf6a957e0a2efb08c6e462f28716c5dcac792c2f8533bf3b15334bbef874628cb33e82cae0d0fcb91b98294f75b3c9dc8ac68dbfc

  • SSDEEP

    6144:eg+lNH+X9g4imz2aXhFynFk5wrarFSv0Ytn33CXjIi5xLS6xP5Of8CqK:E3vmz2UyO5yarIcc33CTv5xLnxOf

Malware Config

Extracted

  • Family

    redline

  • Botnet

    asia

  • C2

    45.9.20.240:46257

  • Attributes

    auth_value: 218353fc70f3440d970e02bf6e2edeb1

Targets

    • Target

      ba3599fcc100f3ef2b201c241c5ec7458f81a6c7a1f7c67f90fd0176903bf387

    • Size

      446KB

    • MD5

      83755ae8844af6ed580fbce6bf6753e4

    • SHA1

      945edc75da9c012a92310b3ff30727a368a1a9d2

    • SHA256

      ba3599fcc100f3ef2b201c241c5ec7458f81a6c7a1f7c67f90fd0176903bf387

    • SHA512

      b777202d9cc55cf79df5585bf6a957e0a2efb08c6e462f28716c5dcac792c2f8533bf3b15334bbef874628cb33e82cae0d0fcb91b98294f75b3c9dc8ac68dbfc

    • SSDEEP

      6144:eg+lNH+X9g4imz2aXhFynFk5wrarFSv0Ytn33CXjIi5xLS6xP5Of8CqK:E3vmz2UyO5yarIcc33CTv5xLnxOf

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • RedLine family

MITRE ATT&CK Enterprise v15

Tasks