General

  • Target

    ebfb67add4361072bc552f5dfaa21e50dd3917d1aa4a620b56074e665a64f3fe

  • Size

    433KB

  • Sample

    241108-j86wks1ngr

  • MD5

    59ca81f8743934e65a8c0fb76792394f

  • SHA1

    85f66f8fe5b745ce93e676d34c317f2a0df0ba4b

  • SHA256

    ebfb67add4361072bc552f5dfaa21e50dd3917d1aa4a620b56074e665a64f3fe

  • SHA512

    c0ab71831713a760c2f7ba5e4f9f79eb8bf9e211d43511c903a2d0d9050fb306b8fb19540b599c604766c9f7fa38c4608b2dac4f3b82885bba165064206feaca

  • SSDEEP

    6144:pOR5Bk9cF45s5zJtXXYLE/32/bW7JF3qpDLUwznoFid:c/B4H5WJqLE/6W773qpEwzno4

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes

  • auth_value

    218353fc70f3440d970e02bf6e2edeb1
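The extracted config above gives two things a defender can act on immediately: the sample hashes and the hard-coded C2 endpoint 45.9.20.240:46257. The following script is an added example, not part of the sandbox report, that turns those indicators into a file-hash check and a connection-log sweep. The Zeek-style conn.log lines it scans are constructed for the example; only the hashes, C2 host and port come from the report.

```python
import hashlib
from typing import Iterable

# Indicators copied from the report above (sample 241108-j86wks1ngr).
IOC_HASHES = {
    "md5": "59ca81f8743934e65a8c0fb76792394f",
    "sha1": "85f66f8fe5b745ce93e676d34c317f2a0df0ba4b",
    "sha256": "ebfb67add4361072bc552f5dfaa21e50dd3917d1aa4a620b56074e665a64f3fe",
}
C2_HOST = "45.9.20.240"
C2_PORT = 46257


def hash_bytes(data: bytes) -> dict:
    """Return md5/sha1/sha256 hex digests of a blob, computed in one pass."""
    hashers = {name: hashlib.new(name) for name in ("md5", "sha1", "sha256")}
    for h in hashers.values():
        h.update(data)
    return {name: h.hexdigest() for name, h in hashers.items()}


def matches_sample(data: bytes, iocs: dict = IOC_HASHES) -> list:
    """Names of the algorithms under which `data` hashes to the reported sample."""
    digests = hash_bytes(data)
    return [name for name, value in iocs.items() if digests.get(name) == value.lower()]


def c2_hits(lines: Iterable[str], host: str = C2_HOST, port: int = C2_PORT) -> list:
    """Scan Zeek conn.log-style TSV lines and return (line_no, orig_host) for
    every connection whose responder is the reported C2 host:port.
    Expected field order: ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto ...
    """
    hits = []
    for n, line in enumerate(lines, 1):
        if line.startswith("#"):          # Zeek header/comment lines
            continue
        fields = line.rstrip("\n").split("\t")
        if len(fields) < 6:
            continue
        orig_h, resp_h, resp_p = fields[2], fields[4], fields[5]
        if resp_h == host and resp_p.isdigit() and int(resp_p) == port:
            hits.append((n, orig_h))
    return hits


# Constructed sample log for the example; not traffic from the report.
# Line 3 reaches the C2 on the extracted port; line 4 reaches the same IP on
# port 80 and is deliberately NOT flagged, since the config names port 46257.
SAMPLE_CONN_LOG = (
    "#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto\n"
    "1731060000.1\tCa1\t10.0.0.5\t51234\t142.250.74.46\t443\ttcp\n"
    "1731060001.2\tCb2\t10.0.0.7\t49812\t45.9.20.240\t46257\ttcp\n"
    "1731060002.3\tCc3\t10.0.0.7\t49813\t45.9.20.240\t80\ttcp\n"
).splitlines()


if __name__ == "__main__":
    import sys
    for path in sys.argv[1:]:
        with open(path, "rb") as fh:
            print(path, "matches sample on:", matches_sample(fh.read()) or "no match")
    for line_no, victim in c2_hits(SAMPLE_CONN_LOG):
        print(f"line {line_no}: {victim} connected to {C2_HOST}:{C2_PORT}")
```

Matching on the exact host:port pair keeps the sweep tight to the extracted config; if you need to catch the same infrastructure on other ports, widen `c2_hits` to the host only and accept the extra triage work.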

Targets

    • Target

      ebfb67add4361072bc552f5dfaa21e50dd3917d1aa4a620b56074e665a64f3fe

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family