General

  • Target

    e7bebcf7b6910aa32b64625912819129b89ad49b4981010497c8dfe36cf14aa2

  • Size

    434KB

  • Sample

    241108-kfc88sykay

  • MD5

    4d99cf6d98cb340d624bf7275172a3b4

  • SHA1

    2c137840bbcb2828c282d9908ea6102e20dce688

  • SHA256

    e7bebcf7b6910aa32b64625912819129b89ad49b4981010497c8dfe36cf14aa2

  • SHA512

    82d5cb9abc3bba54b836dfa3331dd15b9094a2f4380165492cc56753ca57a1e52d7078b9faa8cf0bfbf3188ae81b59811e86c9bc0b549b551eec06563615f6b3

  • SSDEEP

    12288:OIVUIC/qcIs72/cPQIInQAoqMQdds+4R:OKUIC/2CPQVQdW3

Malware Config

Extracted

  • Family

    redline

  • Botnet

    asia

  • C2

    45.9.20.240:46257

  • Attributes

    auth_value: 218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks