General

  • Target

    24457b4b6f7c52259fcdddbdba5d67341a7f721081e73eef76d8834ff6b25d88

  • Size

    432KB

  • Sample

    241108-k9d3mazdqg

  • MD5

    7da5684f62ef8d50125152fe58c6ef54

  • SHA1

    883727d6c7368c05a12927facbc2edf9dee20de6

  • SHA256

    24457b4b6f7c52259fcdddbdba5d67341a7f721081e73eef76d8834ff6b25d88

  • SHA512

    9573c7caf604ab85a1e4aae48c24aa400e725e1d2ce4088aadec08bf47a759b1bf5c3b2b098fef8d381d2baee22937b9289ca1dcc608c6eb5c4fccfd4fe2b730

  • SSDEEP

    6144:JegQHXT3Kt595Gwa3jL/fhaCkIfyOR0iNHxzjK3mdDqkGs/QAB:J6Dat56webfhaCkIfldHxzm3mdVGs/Q

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1
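The values above are the actionable part of the report: four file digests and one C2 endpoint. The following script turns them into a local check. It is an added example for this page, not code from the sandbox, from the report or from the malware: it hashes a file on disk with every algorithm the report lists and tells you which ones match, and it scans connection-log lines for traffic to 45.9.20.240:46257. The log lines and the "ts src:port -> dst:port proto" log format are constructed for the example, and the function names are mine. The botnet name ("asia") and auth_value are kept only as labels for correlating with other reports; the page does not describe how they appear on the wire, so the network check uses the IP and port alone.

```python
"""Local IOC check built from the sandbox report's extracted values.

Added example for this page; not the sandbox's or the malware's own code.
Hashes and C2 are copied from the report. Log lines below are constructed.
"""
import hashlib
import re
import sys

# Indicators copied from the report.
REPORT_HASHES = {
    "md5": "7da5684f62ef8d50125152fe58c6ef54",
    "sha1": "883727d6c7368c05a12927facbc2edf9dee20de6",
    "sha256": "24457b4b6f7c52259fcdddbdba5d67341a7f721081e73eef76d8834ff6b25d88",
    "sha512": "9573c7caf604ab85a1e4aae48c24aa400e725e1d2ce4088aadec08bf47a759b1"
              "bf5c3b2b098fef8d381d2baee22937b9289ca1dcc608c6eb5c4fccfd4fe2b730",
}
C2_HOST = "45.9.20.240"
C2_PORT = 46257
BOTNET = "asia"                                   # label only, for correlation
AUTH_VALUE = "218353fc70f3440d970e02bf6e2edeb1"  # label only, for correlation


def digests_of(chunks):
    """Compute all four report digests in a single pass over an iterable of bytes."""
    hashers = {name: hashlib.new(name) for name in REPORT_HASHES}
    for block in chunks:
        for h in hashers.values():
            h.update(block)
    return {name: h.hexdigest() for name, h in hashers.items()}


def hash_file(path, chunk=1 << 20):
    """Stream a file through digests_of() so large samples do not need to fit in memory."""
    with open(path, "rb") as f:
        return digests_of(iter(lambda: f.read(chunk), b""))


def matching_algorithms(actual, expected=REPORT_HASHES):
    """Return the set of algorithm names whose digest in `actual` equals the report's.

    An empty set means "not this sample". A partial set (e.g. md5 and sha1 but not
    sha256) should be treated as a finding in its own right: chosen-prefix collisions
    are practical for MD5 and SHA-1, so a file that matches only those is not
    necessarily the file the sandbox analysed.
    """
    return {name for name, digest in expected.items()
            if name in actual and actual[name] == digest.lower()}


# Constructed connection-log lines (not from the report): "ts src:port -> dst:port proto".
SAMPLE_LOG = """\
2024-11-08T10:12:01Z 10.0.0.15:51234 -> 142.250.74.78:443 TCP
2024-11-08T10:12:09Z 10.0.0.15:51240 -> 45.9.20.240:46257 TCP
2024-11-08T10:13:44Z 10.0.0.22:40111 -> 45.9.20.240:80 TCP
2024-11-08T10:14:02Z 10.0.0.15:51250 -> 45.9.20.240:46257 TCP
"""

LOG_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<src>[\d.]+):(?P<sport>\d+)\s+->\s+"
    r"(?P<dst>[\d.]+):(?P<dport>\d+)\s+(?P<proto>\w+)$"
)


def find_c2_traffic(log_text, host=C2_HOST, port=C2_PORT):
    """Split connections to the C2 host into exact (host and port) and host-only hits.

    Returns (exact, host_only); each entry is (timestamp, source_ip, destination_port).
    Host-only hits are reported separately because a C2 address is often reused on
    other ports by the same operator, so they are worth a look but are weaker evidence.
    """
    exact, host_only = [], []
    for line in log_text.splitlines():
        m = LOG_RE.match(line.strip())
        if not m or m["dst"] != host:
            continue
        rec = (m["ts"], m["src"], int(m["dport"]))
        (exact if rec[2] == port else host_only).append(rec)
    return exact, host_only


if __name__ == "__main__":
    # Usage: python ioc_check.py [path-to-suspected-sample]
    if len(sys.argv) > 1:
        hits = matching_algorithms(hash_file(sys.argv[1]))
        print(f"{sys.argv[1]}: matching digests = {sorted(hits) or 'none'}")
    exact, host_only = find_c2_traffic(SAMPLE_LOG)
    for ts, src, dport in exact:
        print(f"C2 beacon   {ts} {src} -> {C2_HOST}:{dport} (botnet={BOTNET})")
    for ts, src, dport in host_only:
        print(f"C2 host     {ts} {src} -> {C2_HOST}:{dport} (port differs, review)")
```

Run it with a file argument to confirm a sample you hold is the one the report describes; run it without one to see the log matcher on the constructed lines, where two hosts-and-port hits come from 10.0.0.15 and the port-80 connection from 10.0.0.22 is reported separately.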

Targets

    • RedLine

      RedLine Stealer is an information-stealing malware family written in C# (.NET), first seen in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks