General

  • Target

    174b3e965fd8593e9b06a0a88cae41fca47e06a1336dfb189e2a5d171d8dc460

  • Size

    447KB

  • Sample

    241108-kdmd5azapl

  • MD5

    9d7f53310bead68e9675a8fc9db3b9ba

  • SHA1

    83f81c02773f69aac238ced9c4393d4259df4999

  • SHA256

    174b3e965fd8593e9b06a0a88cae41fca47e06a1336dfb189e2a5d171d8dc460

  • SHA512

    dbdf8c57c31c4ed6fac63096661a82e1fa8a5d070becfc9e331c5f501b7bae05f755baf117035770879b03dfb99d87ace404b382770adf3388b8978bd4f2d814

  • SSDEEP

    6144:/XO7VIXtU2yzAv0SzT2pXsjPTA5zZUylECTi1zLKS2ri8Tq7Cq/O:8VIXtLyzA8SeyPTqZUylhG1zLYm8TyO

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1
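The C2 entry above is the one indicator from this config that can be hunted directly in network telemetry. The following Python is an added example, not part of this report or of any sandbox tooling: it takes the extracted values as listed on this page, parses the C2 as the extractor emits it (ip:port), and runs it over a handful of constructed connection-log lines in a made-up "<ts> <src>:<sport> -> <dst>:<dport> <proto>" format. A destination that matches IP and port is reported as a high-confidence hit; a match on IP alone (RedLine operators can rebind the panel port) is reported as medium confidence for analyst review. The log format, the sample lines and the confidence labels are assumptions of this example.

```python
"""Hunt for the RedLine C2 from the extracted config in connection logs.

Added example (not from the original report). Config values are taken from the
"Malware Config" section above; the log format and log lines are constructed.
"""
from __future__ import annotations

import ipaddress
import re
from dataclasses import dataclass

# Values copied from the report's "Malware Config" section.
EXTRACTED_CONFIG = {
    "family": "redline",
    "botnet": "asia",
    "c2": ["45.9.20.240:46257"],
    "auth_value": "218353fc70f3440d970e02bf6e2edeb1",
}


@dataclass(frozen=True)
class C2Endpoint:
    ip: ipaddress.IPv4Address
    port: int


def parse_c2(entry: str) -> C2Endpoint:
    """Parse an 'ip:port' entry as the config extractor lists it.

    Raises ValueError on anything that is not a valid IPv4 address and port,
    so a malformed config line is noticed instead of silently skipped.
    """
    host, sep, port = entry.rpartition(":")
    if not sep:
        raise ValueError(f"no port in C2 entry: {entry!r}")
    port_num = int(port)
    if not 0 < port_num < 65536:
        raise ValueError(f"port out of range in C2 entry: {entry!r}")
    return C2Endpoint(ipaddress.IPv4Address(host), port_num)


# Constructed log format (assumption): "<ts> <src>:<sport> -> <dst>:<dport> <proto>"
LOG_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<src>\d{1,3}(?:\.\d{1,3}){3}):(?P<sport>\d+)\s+->\s+"
    r"(?P<dst>\d{1,3}(?:\.\d{1,3}){3}):(?P<dport>\d+)\s+(?P<proto>\w+)"
)

# Constructed sample lines: one exact C2 match, one benign, one IP-only match,
# one line that does not parse at all.
SAMPLE_LOGS = [
    "2024-11-08T10:01:02Z 10.0.0.15:51234 -> 45.9.20.240:46257 tcp",
    "2024-11-08T10:01:05Z 10.0.0.15:51235 -> 142.250.74.46:443 tcp",
    "2024-11-08T10:02:10Z 10.0.0.22:40001 -> 45.9.20.240:80 tcp",
    "this line is malformed and must be skipped, not crash the hunt",
]


@dataclass(frozen=True)
class Hit:
    ts: str
    src: str
    dst: str
    dport: int
    confidence: str  # "high" = IP and port match, "medium" = IP only


def hunt(log_lines: list[str], c2_entries: list[str]) -> list[Hit]:
    """Return every connection whose destination matches an extracted C2."""
    ports_by_ip: dict[ipaddress.IPv4Address, set[int]] = {}
    for endpoint in (parse_c2(e) for e in c2_entries):
        ports_by_ip.setdefault(endpoint.ip, set()).add(endpoint.port)

    hits: list[Hit] = []
    for line in log_lines:
        m = LOG_RE.match(line)
        if m is None:
            continue  # unparseable telemetry is skipped, not fatal
        dst = ipaddress.IPv4Address(m["dst"])
        if dst not in ports_by_ip:
            continue
        dport = int(m["dport"])
        confidence = "high" if dport in ports_by_ip[dst] else "medium"
        hits.append(Hit(m["ts"], m["src"], str(dst), dport, confidence))
    return hits


if __name__ == "__main__":
    for hit in hunt(SAMPLE_LOGS, EXTRACTED_CONFIG["c2"]):
        print(f"{hit.confidence:6} {hit.ts} {hit.src} -> {hit.dst}:{hit.dport}")
```

The medium-confidence branch exists because a matching IP on a different port is still worth a look when the panel address is this specific; the auth_value is not usable in network hunting since it only appears inside the client's own traffic to the panel, so the example does not match on it.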

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks