General

  • Target

    aa5a388818b1e5e5e99ec153cf2656ee600dd1329c9c665d326b8c726d5ce28d

  • Size

    446KB

  • Sample

    241108-jrfm3aydre

  • MD5

    f19800930b4cbfe1dcf405b4926d7fef

  • SHA1

    8fb0564e7bdde0051e15b573a0aa90ae7870d4d8

  • SHA256

    aa5a388818b1e5e5e99ec153cf2656ee600dd1329c9c665d326b8c726d5ce28d

  • SHA512

    d05b4359f5debf0def0fe42b5249f267159564461720e0fd78adcf3802967e1f28b554d83bbc973ba21b341d94bde789aa40c8fac0e1540101da2bad6e694fe1

  • SSDEEP

    6144:+joYSL1G2fCi9q2IxEjfR9uTCCZC9+IpUrfi7+Pe7cTT6Hin6v9R:FbGCIEjfRulC9+IerfaYe7LW6v

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • Target

      aa5a388818b1e5e5e99ec153cf2656ee600dd1329c9c665d326b8c726d5ce28d

    • Size

      446KB

    • MD5

      f19800930b4cbfe1dcf405b4926d7fef

    • SHA1

      8fb0564e7bdde0051e15b573a0aa90ae7870d4d8

    • SHA256

      aa5a388818b1e5e5e99ec153cf2656ee600dd1329c9c665d326b8c726d5ce28d

    • SHA512

      d05b4359f5debf0def0fe42b5249f267159564461720e0fd78adcf3802967e1f28b554d83bbc973ba21b341d94bde789aa40c8fac0e1540101da2bad6e694fe1

    • SSDEEP

      6144:+joYSL1G2fCi9q2IxEjfR9uTCCZC9+IpUrfi7+Pe7cTT6Hin6v9R:FbGCIEjfRulC9+IerfaYe7LW6v

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks