General

  • Target

    4742167aaa10eb165b60ee37a07bd45b7238b64d62e5f2c684b7e5fd237ed159

  • Size

    394KB

  • Sample

    241110-jmbtbawjfr

  • MD5

    a33728ff1d2778183f002041e0341a0a

  • SHA1

    bfa0205c1685ec2d5b8458c9a34257d462b7cf53

  • SHA256

    4742167aaa10eb165b60ee37a07bd45b7238b64d62e5f2c684b7e5fd237ed159

  • SHA512

    a97ae490ad221bed8cac52d45e2f25f7a87328a1f350ae9b7b5d706cc6324946225dc3698e510020f4588c3794153037a81e3061b889384db23423d1cf82df3d

  • SSDEEP

    6144:JvY/hfaNsYeaDDHBYolh5nkRAnlEJa7xwZ124+JXerMchss+x1UkUV:iht/a3HuUMRu7xw7f+h/wss+ck

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • Target

      4742167aaa10eb165b60ee37a07bd45b7238b64d62e5f2c684b7e5fd237ed159

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
