General

  • Target

    0d5d0b92e75aa53a86323b7893e9f74185aa260f46932fbaaee478211b1c7b5d

  • Size

    394KB

  • Sample

    241110-jz8ntashjj

  • MD5

    94c0ea336b7dfe803caedf550ccfb0b5

  • SHA1

    d0ca4ce2465c99fd09d6742ef6c9d9743d4b6646

  • SHA256

    0d5d0b92e75aa53a86323b7893e9f74185aa260f46932fbaaee478211b1c7b5d

  • SHA512

    857366796a8a5d975fd3774dde0fc52a38afdc27353255373e59a4007e21675a9ad32f85fc2ca84d461083e7b68c7c4e3222da3b232b4184dfdf187196e630b4

  • SSDEEP

    6144:JvY/hfaNsYeaDDHBYolh5nkRAnlEJa7xwZ124+JXerMchss+x1UkUV:iht/a3HuUMRu7xw7f+h/wss+ck

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks