General

  • Target

    d21150d3ac73a0ea03347ea875270dbf7266dea67f0b02efe4ea4f77468f1e1b

  • Size

    434KB

  • Sample

    241110-j6p52swmfk

  • MD5

    6fbbe64c05439def3afa555d616a4339

  • SHA1

    f0ebfe53a924fc5ce0831d9bbd442593fd899ffe

  • SHA256

    d21150d3ac73a0ea03347ea875270dbf7266dea67f0b02efe4ea4f77468f1e1b

  • SHA512

    f680cd42283711e4332ae1bf20a16a1baafba76f489b209894cb22362558b3cbf083e3f6c8ef21da010785ce5da614f7c07a90f86935c943c9cc63c8cf870ca1

  • SSDEEP

    6144:z6b0HLLvfYOGa7hFs+TMrSwRoSIPbYVMoNr/psoF3736O1GdkT3TBNht:b6avJMvoS6bgMoNr/psoFr36O+kT3F

Malware Config

Extracted

  • Family

    redline

  • Botnet

    asia

  • C2

    45.9.20.240:46257

  • Attributes

    • auth_value

      218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
