General

  • Target

    3e11a551145c0b15dddf3dd5f5592d6d44187d6430ed5af6dd83a379ed312dc3

  • Size

    394KB

  • Sample

    241108-hbkfmsxgmj

  • MD5

    4c749f1c9bfaa3fdaa623474d4e46ceb

  • SHA1

    162cbc2ddd87d4cde15e897b5bac573819752265

  • SHA256

    3e11a551145c0b15dddf3dd5f5592d6d44187d6430ed5af6dd83a379ed312dc3

  • SHA512

    2acb1ef7c8e019660d4b7d7549d6a785dc2a3efe1d58fd45d589a19be5cd1595ce79b596f933229e26fdb887d728c524920c1ac91571dc2e0c46da6c7b56daf4

  • SSDEEP

    6144:JvY/hfaNsYeaDDHBYolh5nkRAnlEJa7xwZ124+JXerMchss+x1UkUV:iht/a3HuUMRu7xw7f+h/wss+ck

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
