General

  • Target

    7554ed234e1e76f13ec7b8633df9b845f0968021b115dbc1e889b1b9ea6da66b

  • Size

    446KB

  • Sample

    241108-gnc2nawmdx

  • MD5

    550c991c43e96e2f511a02dd7a05f585

  • SHA1

    152b4890661fa83a54f536c697474768cdeacbe9

  • SHA256

    7554ed234e1e76f13ec7b8633df9b845f0968021b115dbc1e889b1b9ea6da66b

  • SHA512

    b9f4a51f9e98eb9495c6362474a1f9ebbf534b452e9e126cd6e74a96b8c567f60665bfdd8c83b30837274871e4654f877d5b28858c8c79484283e3af5186fb34

  • SSDEEP

    6144:+YyWzDI3pZCdgaf62qT2Ew+34Ua66+u4jPBq2pjSKcGd56:Sv3p4KaEX34UJ6+uw5q2pjxd5

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • Target

      7554ed234e1e76f13ec7b8633df9b845f0968021b115dbc1e889b1b9ea6da66b

    • Size

      446KB

    • MD5

      550c991c43e96e2f511a02dd7a05f585

    • SHA1

      152b4890661fa83a54f536c697474768cdeacbe9

    • SHA256

      7554ed234e1e76f13ec7b8633df9b845f0968021b115dbc1e889b1b9ea6da66b

    • SHA512

      b9f4a51f9e98eb9495c6362474a1f9ebbf534b452e9e126cd6e74a96b8c567f60665bfdd8c83b30837274871e4654f877d5b28858c8c79484283e3af5186fb34

    • SSDEEP

      6144:+YyWzDI3pZCdgaf62qT2Ew+34Ua66+u4jPBq2pjSKcGd56:Sv3p4KaEX34UJ6+uw5q2pjxd5

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks