General

  • Target

    c9e6e3e71b51dc9f66da8b8135a4040f29275d176b436969e0b5b4b53393361f

  • Size

    273KB

  • Sample

    241108-lc8reayphs

  • MD5

    51ae78c6d7c21451753699811c313afb

  • SHA1

    3219207f087a9ade5b04df05301fad8fbfbed162

  • SHA256

    c9e6e3e71b51dc9f66da8b8135a4040f29275d176b436969e0b5b4b53393361f

  • SHA512

    36cb959b77a3c584869dc1a4e312a42c9805963e253324f84cd00ba2de2d28701d5e4a377e15af4aa5620f611831f5473f374cdff9dbaf793a4cc3f590214aed

  • SSDEEP

    6144:i8qL1OPq8uDd1iFrjAF8X6wca3noINCeGFwB:5qcPqFMrjAKKwcWoV6

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • Target

      c9e6e3e71b51dc9f66da8b8135a4040f29275d176b436969e0b5b4b53393361f

    • Size

      273KB

    • MD5

      51ae78c6d7c21451753699811c313afb

    • SHA1

      3219207f087a9ade5b04df05301fad8fbfbed162

    • SHA256

      c9e6e3e71b51dc9f66da8b8135a4040f29275d176b436969e0b5b4b53393361f

    • SHA512

      36cb959b77a3c584869dc1a4e312a42c9805963e253324f84cd00ba2de2d28701d5e4a377e15af4aa5620f611831f5473f374cdff9dbaf793a4cc3f590214aed

    • SSDEEP

      6144:i8qL1OPq8uDd1iFrjAF8X6wca3noINCeGFwB:5qcPqFMrjAKKwcWoV6

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks