General

  • Target

    2e687f2990a474b3a284ad4ec1ddfcfcec0b3cec2d27e9fa4e454616fbf6214b

  • Size

    434KB

  • Sample

    241108-gx86fsxcpf

  • MD5

    512fe00becfaae8b3af74438f55427bc

  • SHA1

    598522bc50907cb01b854c270005aff8a3e971e0

  • SHA256

    2e687f2990a474b3a284ad4ec1ddfcfcec0b3cec2d27e9fa4e454616fbf6214b

  • SHA512

    fa07a985cab2b7818f9eda4ef2cb907d8cfecf5d11e9defd6be76dff1a53529820090a4399ea244a0dec89f8303e64565a18a36277dc702eb0675615f763be21

  • SSDEEP

    6144:jT+p2+wmSFThVQdmWGwMLqlhC5wvsu6GZcfo0Hz21OOuq0tc+o:Pw6FHimWrJhC5Osu6G6fo0HzLOuq0tj

Malware Config

Extracted

  • Family

    redline

  • Botnet

    asia

  • C2

    45.9.20.240:46257

Attributes

  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
