General

  • Target

    c28191c750467971cd2447a9308260070aca74f9d9b18c2d83780eee759b4a1d

  • Size

    434KB

  • Sample

    241108-k9s7jszdrf

  • MD5

    72938313fc4a8073f02708f5a90a0fbc

  • SHA1

    60713322b4088a57650cbef48b716af2cc59cf69

  • SHA256

    c28191c750467971cd2447a9308260070aca74f9d9b18c2d83780eee759b4a1d

  • SHA512

    b74a49d7d7553133a97deb0b938ef0d569f057cbc0e6680db91ec0e5adc1a66e71014cdfe1984f760ed426d3b8dfcc0c3159b39d6ce9d25fc3fe97f10cac9013

  • SSDEEP

    6144:IA/r6ksws1/whwnCWCDmV344pWNE20JvHoinidCso6URDkp6:J/rroDCWeW7sE20JPoinnso6UdK

Malware Config

Extracted

  • Family

    redline

  • Botnet

    asia

  • C2

    45.9.20.240:46257

  • Attributes

      • auth_value

        218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
