General

  • Target

    0a98bac692651f26700095313e4318fbe6136a1a65712d3da80a5775c6312fb9

  • Size

    446KB

  • Sample

    241108-lkv6aasmhj

  • MD5

    c9e8836feda97700e36a422fd330024f

  • SHA1

    96c06ffcf882e8b691bafcb1bd41bd7a23ec4708

  • SHA256

    0a98bac692651f26700095313e4318fbe6136a1a65712d3da80a5775c6312fb9

  • SHA512

    18fc09ed7c6ad482ea066f36c88dbe4d4e2f90d1724c957a155eed60550b65b7207d43e2d673170d040f2abffe8f8a93db54b4ebb8312b0f1ff9b4f3e6b6725e

  • SSDEEP

    6144:eg+lNH+X9g4imz2aXhFynFk5wrarFSv0Ytn33CXjIi5xLS6xP5Of8CqK:E3vmz2UyO5yarIcc33CTv5xLnxOf

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • Target

      0a98bac692651f26700095313e4318fbe6136a1a65712d3da80a5775c6312fb9

    • Size

      446KB

    • MD5

      c9e8836feda97700e36a422fd330024f

    • SHA1

      96c06ffcf882e8b691bafcb1bd41bd7a23ec4708

    • SHA256

      0a98bac692651f26700095313e4318fbe6136a1a65712d3da80a5775c6312fb9

    • SHA512

      18fc09ed7c6ad482ea066f36c88dbe4d4e2f90d1724c957a155eed60550b65b7207d43e2d673170d040f2abffe8f8a93db54b4ebb8312b0f1ff9b4f3e6b6725e

    • SSDEEP

      6144:eg+lNH+X9g4imz2aXhFynFk5wrarFSv0Ytn33CXjIi5xLS6xP5Of8CqK:E3vmz2UyO5yarIcc33CTv5xLnxOf

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks