General

  • Target

    f0d31ab51aca614ca7b1c8958ebab906ceae9104cf8d034dbd0ac119f4afed1c

  • Size

    410KB

  • Sample

    241109-ymbkwa1cpj

  • MD5

    59e2b491dd618942cb5b2b5e2686f5c5

  • SHA1

    2e1b2c7860b22d2dce7d0dd5e8c8c63c630b69eb

  • SHA256

    f0d31ab51aca614ca7b1c8958ebab906ceae9104cf8d034dbd0ac119f4afed1c

  • SHA512

    7de306528104767bbc817fad34688a205e9ba033ff67881eb9d5433bb52db3d5c4565614bf5e8f2fee68c93165f8983f97969b2590347a6428befad18f24657a

  • SSDEEP

    6144:xe7JNLtZXhjwNjndQBvVDFcK5ykXWxpyk11EcQx06SnBz:oJNLFwhd4VDFrykXWxpyKEcQx07B

Malware Config

Extracted

Family

redline

Botnet

170

C2

45.9.20.240:46257

Attributes
  • auth_value

    73f905977a8199ea3d396a0a7d0ae6c8
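The extracted config above gives a socket (no hostname, no HTTP path) and the General section gives file hashes, which is enough to build a first hunt. The script below is an added example, not part of the sandbox report or of any RedLine tooling: it copies the report's indicators into a small detection set and runs it over constructed telemetry. The Zeek conn.log column layout and the EDR file-hash event shape are assumptions, and all log lines are made up for illustration. An exact IP:port match on the C2 socket is rated high; the same IP on another port is rated medium because stealer C2 panels are commonly re-bound to a new port while the host stays the same.

```python
"""Hunt for the RedLine sample from this report in constructed telemetry.

Added example (not the sandbox report's code). Indicators are copied from the
report; the telemetry format and sample lines are assumptions/constructed.
"""
import ipaddress
import re

# Indicators copied verbatim from the report.
C2_IP = "45.9.20.240"
C2_PORT = 46257
FILE_HASHES = {
    "md5": "59e2b491dd618942cb5b2b5e2686f5c5",
    "sha1": "2e1b2c7860b22d2dce7d0dd5e8c8c63c630b69eb",
    "sha256": "f0d31ab51aca614ca7b1c8958ebab906ceae9104cf8d034dbd0ac119f4afed1c",
    "sha512": ("7de306528104767bbc817fad34688a205e9ba033ff67881eb9d5433bb52db3d5"
               "c4565614bf5e8f2fee68c93165f8983f97969b2590347a6428befad18f24657a"),
}
HASH_ALGO_BY_LEN = {32: "md5", 40: "sha1", 64: "sha256", 128: "sha512"}
HEX_RE = re.compile(r"^[0-9a-f]+$")


def normalize_hash(value):
    """Lower-case a digest and classify it by length; None if not hex or unknown length."""
    v = value.strip().lower()
    if not HEX_RE.match(v) or len(v) not in HASH_ALGO_BY_LEN:
        return None
    return HASH_ALGO_BY_LEN[len(v)], v


def parse_zeek_conn(line):
    """Parse the columns we need from an assumed Zeek conn.log TSV layout:
    ts  uid  id.orig_h  id.orig_p  id.resp_h  id.resp_p  proto"""
    if line.startswith("#"):
        return None  # header/comment rows
    f = line.rstrip("\n").split("\t")
    if len(f) < 7:
        return None
    try:
        return {
            "ts": f[0],
            "src": str(ipaddress.ip_address(f[2])),
            "dst": str(ipaddress.ip_address(f[4])),
            "dport": int(f[5]),
            "proto": f[6].lower(),
        }
    except ValueError:
        return None


def match_c2(conn):
    """Rate a flow against the extracted C2: 'high' for the exact TCP socket,
    'medium' for the same IP on any other TCP port, None otherwise."""
    if conn is None or conn["proto"] != "tcp" or conn["dst"] != C2_IP:
        return None
    return "high" if conn["dport"] == C2_PORT else "medium"


def match_hash(value):
    """Return the algorithm name if value equals one of the report's hashes."""
    n = normalize_hash(value)
    if n is None:
        return None
    algo, digest = n
    return algo if FILE_HASHES.get(algo) == digest else None


def hunt(conn_lines, hash_events):
    """Return (kind, severity, subject, detail) tuples for every indicator hit."""
    hits = []
    for line in conn_lines:
        conn = parse_zeek_conn(line)
        sev = match_c2(conn)
        if sev:
            hits.append(("c2", sev, conn["src"], conn["ts"]))
    for host, digest in hash_events:
        algo = match_hash(digest)
        if algo:
            hits.append(("hash", "high", host, algo))
    return hits


# Constructed sample telemetry (not real data).
SAMPLE_CONN = [
    "#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto",
    "1731196800.10\tC1\t10.0.0.5\t49812\t45.9.20.240\t46257\ttcp",   # exact C2 socket
    "1731196801.20\tC2\t10.0.0.7\t49813\t45.9.20.240\t443\ttcp",     # same host, other port
    "1731196802.30\tC3\t10.0.0.5\t49814\t93.184.216.34\t443\ttcp",   # unrelated
    "1731196803.40\tC4\t10.0.0.9\t53411\t45.9.20.240\t46257\tudp",   # wrong protocol
]
SAMPLE_HASHES = [  # (host, digest) as an EDR file event might emit them
    ("WS-01", "F0D31AB51ACA614CA7B1C8958EBAB906CEAE9104CF8D034DBD0AC119F4AFED1C"),
    ("WS-02", "59e2b491dd618942cb5b2b5e2686f5c5"),
    ("WS-03", "d41d8cd98f00b204e9800998ecf8427e"),  # md5 of an empty file
    ("WS-04", "not-a-hash"),
]

if __name__ == "__main__":
    for hit in hunt(SAMPLE_CONN, SAMPLE_HASHES):
        print(hit)
```

Hash matching is exact and case-insensitive, so a single-byte change to the dropper defeats it; the C2 socket match is what survives repacking, which is why the IP-only rule is kept at medium rather than dropped. Pair it with the auth_value above if your sensor can see the RedLine handshake, since that string is the per-build identifier the sample presents to the panel.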

Targets

    • Target

      f0d31ab51aca614ca7b1c8958ebab906ceae9104cf8d034dbd0ac119f4afed1c

    • Size

      410KB

    • MD5

      59e2b491dd618942cb5b2b5e2686f5c5

    • SHA1

      2e1b2c7860b22d2dce7d0dd5e8c8c63c630b69eb

    • SHA256

      f0d31ab51aca614ca7b1c8958ebab906ceae9104cf8d034dbd0ac119f4afed1c

    • SHA512

      7de306528104767bbc817fad34688a205e9ba033ff67881eb9d5433bb52db3d5c4565614bf5e8f2fee68c93165f8983f97969b2590347a6428befad18f24657a

    • SSDEEP

      6144:xe7JNLtZXhjwNjndQBvVDFcK5ykXWxpyk11EcQx06SnBz:oJNLFwhd4VDFrykXWxpyKEcQx07B

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks