General

  • Target

    bd18479b762385d65ce18598622a6b9c3dfbf144821f8b9d374a61857dd632d3

  • Size

    446KB

  • Sample

    241108-jsfpfs1lgl

  • MD5

    d8f165aa0308f32f30b39117e5e92b59

  • SHA1

    484e1c4237392778a171b0d0d48d12646c68df66

  • SHA256

    bd18479b762385d65ce18598622a6b9c3dfbf144821f8b9d374a61857dd632d3

  • SHA512

    93a7fe2b97431d0e217c9206cb8c9c68648a586c5f2a6829b17c674dcdb1d898d99d991216ec15f5c75f0a3074fe3b23b5dd4bfb86c288badb98b1af5e4960c8

  • SSDEEP

    6144:+YyWzDI3pZCdgaf62qT2Ew+34Ua66+u4jPBq2pjSKcGd56:Sv3p4KaEX34UJ6+uw5q2pjxd5

Malware Config

Extracted

  • Family

    redline

  • Botnet

    asia

  • C2

    45.9.20.240:46257

  • Attributes

    auth_value: 218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks