General

  • Target

    9c387ef8b9047ed89c0a507fdd0e904b24b9c7a697c49d9a242c9197de716d9c

  • Size

    434KB

  • Sample

    241110-jv38jatajf

  • MD5

    659563170d7a165d47b043f9818da7dc

  • SHA1

    25e57104ee6a500ad304101dd5b94fe9d86f2575

  • SHA256

    9c387ef8b9047ed89c0a507fdd0e904b24b9c7a697c49d9a242c9197de716d9c

  • SHA512

    2762a929fa4fc8462ba323a58c4545bfdcf987629a1f6de1168f0b9a4f24b87baf96511bb73319ac771f56e26761001dab89147206379273422c52281b666987

  • SSDEEP

    12288:Yny46AqB/g47hhVOlv/L1wS3KpiT8nokS:1jR/9VDOlv/GxiTpkS

Malware Config

Extracted

  • Family

    redline

  • Botnet

    asia

  • C2

    45.9.20.240:46257

  • Attributes

    auth_value: 218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks