General

  • Target

    bf72b23f5951bedee11f46dc8911c93e2b18beed1c7b2e270ef795c2b65e1f89

  • Size

    394KB

  • Sample

    241108-jw78wa1mcr

  • MD5

    dbac984185030235d969a8d404ba8d09

  • SHA1

    d7131f458daff6caabedcd2af7aec7b50a17e64b

  • SHA256

    bf72b23f5951bedee11f46dc8911c93e2b18beed1c7b2e270ef795c2b65e1f89

  • SHA512

    0603fa562056a7f6a86cfed6e1a5feb9ce5b010cd6c5f150c4e2e0b7518c3d109e113e20f6273e4404ab5b7dd572069ccbaae167169a9cd0da68fb02b27f2060

  • SSDEEP

    6144:JvY/hfaNsYeaDDHBYolh5nkRAnlEJa7xwZ124+JXerMchss+x1UkUV:iht/a3HuUMRu7xw7f+h/wss+ck

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes

  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks