General

  • Target

    890a0361bd655b1140f422c3a1b4ab6bc5b60fc94fd0e0f99290cd761601c60f

  • Size

    434KB

  • Sample

    241108-j3tdas1nbl

  • MD5

    f4e63b2b0d0c4ca10670a7ae318c688f

  • SHA1

    c690384196a6e30fa98ee48e7f5b574d87e5770c

  • SHA256

    890a0361bd655b1140f422c3a1b4ab6bc5b60fc94fd0e0f99290cd761601c60f

  • SHA512

    05d0912407362cf8288e88bce45b0dc3fa4bd6ebbae184b7f4f810c6770de44eae46ec2fd36f764fa4a7f3a8dd0d8186579b6cb0972e9e44881520957e76641b

  • SSDEEP

    6144:Hr0QYxhADcxG776qrJvzPkAoaTCoWYCYe7oBAimyA0L2Zv:L0Q4hIcM7+0v7kN0CjYCYcoBAsA0L2p

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
