General

  • Target

    2d15bb1f3692b675c31314f49836d8b0955e594d36dd7f15c35527a37b76a5ea

  • Size

    432KB

  • Sample

    241108-j19mhaxrbs

  • MD5

    8bd8b33ecab6a53a6625d1b5272fde5c

  • SHA1

    8e3afe99bd8b360e55ea8a91999d92c0ab115800

  • SHA256

    2d15bb1f3692b675c31314f49836d8b0955e594d36dd7f15c35527a37b76a5ea

  • SHA512

    c8b4157ac6ed2e524a8da9c8d619f359d11aae81b38a845fb18ece1ffaca7d95270552bc1c477056db9defcd5c1197c8f083d39ec0c35d2199ccae84a44fab26

  • SSDEEP

    6144:JegQHXT3Kt595Gwa3jL/fhaCkIfyOR0iNHxzjK3mdDqkGs/QAB:J6Dat56webfhaCkIfldHxzm3mdVGs/Q

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes

  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks