General

  • Target: 804ce120a54c9128c0a04af831c33c1c87f0f7805a1ca3ef429717796d2afa37
  • Size: 434KB
  • Sample: 241108-lpnl1azgnc
  • MD5: 5df1fdceeafd40b7d1f6f98840580a32
  • SHA1: 7d2d9db2f0433d1de905a5f0dec95d2900ec84d8
  • SHA256: 804ce120a54c9128c0a04af831c33c1c87f0f7805a1ca3ef429717796d2afa37
  • SHA512: c1bbe0581bbc83d83198a12fcb150e2e066d6fbe40c4c1a5e15c9c1518437bbc8b859f3047a0ec730337f9d090b513d285b9d02d4e5d01e821104035f0438606
  • SSDEEP: 6144:MJTpi7bxjww3MK4zPcMZ4fPHsjcm8wldunH7qorYiQI/Q+VK1I:+ihF3QPXZ8sjfBlduneorYU/Q+V

Malware Config

Extracted

  • Family: redline
  • Botnet: asia
  • C2: 45.9.20.240:46257
  • Attributes
    • auth_value: 218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
    • RedLine payload
    • Redline family

MITRE ATT&CK Enterprise v15

Tasks