General

  • Target

    dbf43076e07aba9bc72b8270291c15d90ac0589b33de7b7a1847b4f3b320fbb7

  • Size

    394KB

  • Sample

    241110-kah8astbrc

  • MD5

    ce10b3e4d92f5dfeae836863db290ad8

  • SHA1

    d3ee57abb9446216b0560594adb546704a423a3f

  • SHA256

    dbf43076e07aba9bc72b8270291c15d90ac0589b33de7b7a1847b4f3b320fbb7

  • SHA512

    1048d6708a006e03500a60efff1565383c19ce33022dafc40d16bf18404364aa3ba4cf4a3ef5f66ee1265a024e0e8fa813ba7cf9755de4f6cd192d4e1e013576

  • SSDEEP

    6144:JvY/hfaNsYeaDDHBYolh5nkRAnlEJa7xwZ124+JXerMchss+x1UkUV:iht/a3HuUMRu7xw7f+h/wss+ck

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
