General

  • Target

    e5625a5820c581548e187462b29e9e57c905ce598ba28f3e86fe0d239f98d44f

  • Size

    446KB

  • Sample

    241108-kw1z8symfs

  • MD5

    61b1fa1122ee0f21ae1312f4efd10ad8

  • SHA1

    5a302edca269575548599ce969afb97048228222

  • SHA256

    e5625a5820c581548e187462b29e9e57c905ce598ba28f3e86fe0d239f98d44f

  • SHA512

    0be878ca9cf2c9fb0bd5a89bae1042322a0e0cd93ea13294e1c896319cd40893791cc7cd9dec4b6c3979032a7e1056a49fa23c8b2729b3c9bbbab824b4dcd64c

  • SSDEEP

    6144:+joYSL1G2fCi9q2IxEjfR9uTCCZC9+IpUrfi7+Pe7cTT6Hin6v9R:FbGCIEjfRulC9+IerfaYe7LW6v

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
