General

  • Target

    58ce5181bc41611bfa7513444dfa73f4ffe46b906a77bfee79bb3ce65977846e

  • Size

    432KB

  • Sample

    241110-h76zhssfja

  • MD5

    842356aa8722e8216176874c4cc94bf4

  • SHA1

    0f1306c9de787baa376efb87cb7a05930dcb83a9

  • SHA256

    58ce5181bc41611bfa7513444dfa73f4ffe46b906a77bfee79bb3ce65977846e

  • SHA512

    e375a3fdd2df7cd01ad044235011d8db15aa484551deb0bc46d32c5d807b2126e7b64b634bb4b37ff5b9e56c0aed7945ce871d26b2788e8e4d06f68f70199d6a

  • SSDEEP

    6144:yGO9Zbg+pdyt8LlZuPpTOl2eV7pw5fq22bM0harV83KpzZWK3g2tF0:VO91g+pdytWZucV2E3harS3KpMK3g2T

Malware Config

Extracted

  • Family

    redline

  • Botnet

    asia

  • C2

    45.9.20.240:46257

  • Attributes

      • auth_value

        218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
