General

  • Target: a149d20d7e109b8eef7330392111dd44e22b91e1da0143eebb767a5298c81a90
  • Size: 432KB
  • Sample: 241110-j5238asmcv
  • MD5: e9b769d937b4354c736f4f57086d8d79
  • SHA1: 82ad26de46d50bfc620f8599121878e59484eebf
  • SHA256: a149d20d7e109b8eef7330392111dd44e22b91e1da0143eebb767a5298c81a90
  • SHA512: d13342152bf4b9f01db4aa3a33f94e949a3c0a602c8aa331d2ffa83beddaedb06aeeda6b8ec7841585273e1f450c17cea28ac2c0726e5bd7d26cf53fbcb464c7
  • SSDEEP: 6144:JegQHXT3Kt595Gwa3jL/fhaCkIfyOR0iNHxzjK3mdDqkGs/QAB:J6Dat56webfhaCkIfldHxzm3mdVGs/Q

Malware Config

Extracted

  • Family: redline
  • Botnet: asia
  • C2: 45.9.20.240:46257
  • Attributes
      • auth_value: 218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
    • RedLine payload
    • Redline family

MITRE ATT&CK Enterprise v15

Tasks