General

  • Target

    9c68ef0324d7672ea15e3d8447e93620f6809540843080c6e0dfa654f88ed364

  • Size

    434KB

  • Sample

    241108-lexrxszfrn

  • MD5

    aee7cd6442118be3bc3cd60a2d08d7a0

  • SHA1

    e1f88a57b2747595e162a476c1930c24f11cff47

  • SHA256

    9c68ef0324d7672ea15e3d8447e93620f6809540843080c6e0dfa654f88ed364

  • SHA512

    6d8d8ece9dfd134d72848229e0557cc6ed76e0168ceb3149b79898950c0c56fceb62df89b78a7fbfb13a5240c3e130d936d8208a14f4f52c6f1facf339e045c4

  • SSDEEP

    6144:Hr0QYxhADcxG776qrJvzPkAoaTCoWYCYe7oBAimyA0L2Zv:L0Q4hIcM7+0v7kN0CjYCYcoBAsA0L2p

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
