General

  • Target

    c73fef6b93b3672d56ee9da4732ec804b25bde537aeef5e4c0ac88b47d0ccfff

  • Size

    274KB

  • Sample

    241108-jlgyyaxpay

  • MD5

    10dbb09886756c44cb6358137a5efd93

  • SHA1

    2073af878755e022db0c46b65e281ce5f4b89dcd

  • SHA256

    c73fef6b93b3672d56ee9da4732ec804b25bde537aeef5e4c0ac88b47d0ccfff

  • SHA512

    085a629a6d70145be22ba66944fd26250f04c59c7b05c40323236d85cde677f61b6bf88220528b07c43e10e441cef19dcfcd4b46d0510d05d6ac7a2f6f7e76e3

  • SSDEEP

    6144:3OzLoJazKULP9wHZZNQHnjSGWLSioSEIYR/mJekTfj4B:ezUJa3p0NQHGSwNYR+BTc

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • Target

      c73fef6b93b3672d56ee9da4732ec804b25bde537aeef5e4c0ac88b47d0ccfff

    • Size

      274KB

    • MD5

      10dbb09886756c44cb6358137a5efd93

    • SHA1

      2073af878755e022db0c46b65e281ce5f4b89dcd

    • SHA256

      c73fef6b93b3672d56ee9da4732ec804b25bde537aeef5e4c0ac88b47d0ccfff

    • SHA512

      085a629a6d70145be22ba66944fd26250f04c59c7b05c40323236d85cde677f61b6bf88220528b07c43e10e441cef19dcfcd4b46d0510d05d6ac7a2f6f7e76e3

    • SSDEEP

      6144:3OzLoJazKULP9wHZZNQHnjSGWLSioSEIYR/mJekTfj4B:ezUJa3p0NQHGSwNYR+BTc

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks