General

  • Target

    e37336a4c78aebe99a94f287af8626a47f6c2a9b16cec6f47a7a1523282af55d

  • Size

    446KB

  • Sample

    241110-hs2q9a1ngw

  • MD5

    7633d2c99f22caf3d367c49a3c6c5e54

  • SHA1

    128e404b0cd23ec8b7747ec74d4241ebfa4501ad

  • SHA256

    e37336a4c78aebe99a94f287af8626a47f6c2a9b16cec6f47a7a1523282af55d

  • SHA512

    71044be6ed54c912128236eb5a4529fd1f6c2fd89b27a7d80974c8bd4f3aa3a6cbf4a978cd5031ed55a361a6b7e8603cf9ffa98a5025334f9f5e9799c82ab672

  • SSDEEP

    6144:eg+lNH+X9g4imz2aXhFynFk5wrarFSv0Ytn33CXjIi5xLS6xP5Of8CqK:E3vmz2UyO5yarIcc33CTv5xLnxOf

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
