General

  • Target

    c89a459dd6e2dd0eb73e62b58f1fe2e8993ef7e3d8a8de2bc5a4a6f914f8b914

  • Size

    434KB

  • Sample

    241108-jce3zs1jdq

  • MD5

    082b293b94dfc4c1e01b6992cf9e4e69

  • SHA1

    6cab83298d0cc2b9fb03d6f4e7e449b004f6ff8e

  • SHA256

    c89a459dd6e2dd0eb73e62b58f1fe2e8993ef7e3d8a8de2bc5a4a6f914f8b914

  • SHA512

    59dbb3fa1f76a19ebf8551ac0ad311bac2d75840845e56b3a4dff421da26b15dfee6ae3539bfa7aaf25651301099011b09a6cc77a68a2852947d054b619836f2

  • SSDEEP

    6144:Hr0QYxhADcxG776qrJvzPkAoaTCoWYCYe7oBAimyA0L2Zv:L0Q4hIcM7+0v7kN0CjYCYcoBAsA0L2p

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
