General

  • Target

    128906763c01cfd1e2db441399f98a01853ee98f7c7e1dd87d6e1d5175378f08

  • Size

    433KB

  • Sample

    241110-jkkcnssgne

  • MD5

    e38571e3d98b3ea4377f7465b10c23aa

  • SHA1

    f675d7c15f9f5329874fb609d276126272cfd93f

  • SHA256

    128906763c01cfd1e2db441399f98a01853ee98f7c7e1dd87d6e1d5175378f08

  • SHA512

    3fdf752dade9cbb38cea31da5a2c32854656ef9a2da9a7c57a1efcfd8f70513dbb75e73720b7a751a62057a46cf588846af28017a6f7aa6fb32c526e9752d0a9

  • SSDEEP

    12288:e1XjK6akObaCR71RWmXgYCR7Veo8R3T/+8NpKS:eak4J1LqA9+Ch

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • Target

      128906763c01cfd1e2db441399f98a01853ee98f7c7e1dd87d6e1d5175378f08

    • Size

      433KB

    • MD5

      e38571e3d98b3ea4377f7465b10c23aa

    • SHA1

      f675d7c15f9f5329874fb609d276126272cfd93f

    • SHA256

      128906763c01cfd1e2db441399f98a01853ee98f7c7e1dd87d6e1d5175378f08

    • SHA512

      3fdf752dade9cbb38cea31da5a2c32854656ef9a2da9a7c57a1efcfd8f70513dbb75e73720b7a751a62057a46cf588846af28017a6f7aa6fb32c526e9752d0a9

    • SSDEEP

      12288:e1XjK6akObaCR71RWmXgYCR7Veo8R3T/+8NpKS:eak4J1LqA9+Ch

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks