General

  • Target

    f411f055c0c613207fde1db52f007e9fee3af193b32472a331a0d282067202fe

  • Size

    446KB

  • Sample

    241110-k1wlbawrhr

  • MD5

    0b52923039f1fb08bf24e61ca67fd14a

  • SHA1

    5a8d9e503917c5252e1dbf7f0938fb0f425e1868

  • SHA256

    f411f055c0c613207fde1db52f007e9fee3af193b32472a331a0d282067202fe

  • SHA512

    307a1b27c1264cc5c6c34682c0bfd68554321c7d735fc38cee728d3a8b276acc56cb89802bc5cfdef747749a792d569126eab5231984ab60bbbb6690a4d93eb9

  • SSDEEP

    6144:+joYSL1G2fCi9q2IxEjfR9uTCCZC9+IpUrfi7+Pe7cTT6Hin6v9R:FbGCIEjfRulC9+IerfaYe7LW6v

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • Target

      f411f055c0c613207fde1db52f007e9fee3af193b32472a331a0d282067202fe

    • Size

      446KB

    • MD5

      0b52923039f1fb08bf24e61ca67fd14a

    • SHA1

      5a8d9e503917c5252e1dbf7f0938fb0f425e1868

    • SHA256

      f411f055c0c613207fde1db52f007e9fee3af193b32472a331a0d282067202fe

    • SHA512

      307a1b27c1264cc5c6c34682c0bfd68554321c7d735fc38cee728d3a8b276acc56cb89802bc5cfdef747749a792d569126eab5231984ab60bbbb6690a4d93eb9

    • SSDEEP

      6144:+joYSL1G2fCi9q2IxEjfR9uTCCZC9+IpUrfi7+Pe7cTT6Hin6v9R:FbGCIEjfRulC9+IerfaYe7LW6v

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks