General

  • Target

    b14bd248b25f5f525b47895952b6f3d5c5419fe923e619a1084815dc78beb1bf

  • Size

    434KB

  • Sample

    241108-k3fb4syncz

  • MD5

    448b585b9b3bbb5b781a6da9a00007e7

  • SHA1

    7eb77b7c21f6f6651efffd7719d5093706860598

  • SHA256

    b14bd248b25f5f525b47895952b6f3d5c5419fe923e619a1084815dc78beb1bf

  • SHA512

    f43b4a66007d21b7bb1e8905b91e16f49cf274c820fe59180b2dcd69db40f44a6efb3ac91ee0751db74fd818e9b84e75d93000c8995c199785649f1a232d31f0

  • SSDEEP

    6144:Hr0QYxhADcxG776qrJvzPkAoaTCoWYCYe7oBAimyA0L2Zv:L0Q4hIcM7+0v7kN0CjYCYcoBAsA0L2p

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • Target

      b14bd248b25f5f525b47895952b6f3d5c5419fe923e619a1084815dc78beb1bf

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks