General

  • Target

    4560203c48b2b0449806143792bc709e34c74f15081d02f7a89707966fe61f49

  • Size

    434KB

  • Sample

    241110-k1zmzaxjak

  • MD5

    78c99dd65bb16e4b3aab6227013f1a0e

  • SHA1

    248d1634c2969f2a89ef1fe75fb7f39c6bc6e7c9

  • SHA256

    4560203c48b2b0449806143792bc709e34c74f15081d02f7a89707966fe61f49

  • SHA512

    e163a2d712716941447484dcec183807745fc35d3aae48af50a4ecb5370d6a65e0ae7d9978efb07379e42b8e899bf911987231b0bc71dd7edb87cd3a0b84835e

  • SSDEEP

    6144:IA/r6ksws1/whwnCWCDmV344pWNE20JvHoinidCso6URDkp6:J/rroDCWeW7sE20JPoinnso6UdK

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
