General

  • Target

    ed2b26933199c151170dd59b0364223248e328591758e6416643b8acff6505de

  • Size

    434KB

  • Sample

    241110-h72d2a1qev

  • MD5

    4acfefaf5abbd5b52da9bcc097e86fe9

  • SHA1

    1eb5fc7ab130ce208f508cd8ef9934380a06b13a

  • SHA256

    ed2b26933199c151170dd59b0364223248e328591758e6416643b8acff6505de

  • SHA512

    a3c85d50b0cee68338c7bde11e03639122fe653cfb35640523f4d64def87dd183fef465532ac6e1b5b989299b1256832aa2641173b690b65c590bf6581dc9024

  • SSDEEP

    6144:MJTpi7bxjww3MK4zPcMZ4fPHsjcm8wldunH7qorYiQI/Q+VK1I:+ihF3QPXZ8sjfBlduneorYU/Q+V

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • Target

      ed2b26933199c151170dd59b0364223248e328591758e6416643b8acff6505de

    • Size

      434KB

    • MD5

      4acfefaf5abbd5b52da9bcc097e86fe9

    • SHA1

      1eb5fc7ab130ce208f508cd8ef9934380a06b13a

    • SHA256

      ed2b26933199c151170dd59b0364223248e328591758e6416643b8acff6505de

    • SHA512

      a3c85d50b0cee68338c7bde11e03639122fe653cfb35640523f4d64def87dd183fef465532ac6e1b5b989299b1256832aa2641173b690b65c590bf6581dc9024

    • SSDEEP

      6144:MJTpi7bxjww3MK4zPcMZ4fPHsjcm8wldunH7qorYiQI/Q+VK1I:+ihF3QPXZ8sjfBlduneorYU/Q+V

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks