General

  • Target

    9a7ed1235047807e97b3c2922505cddeeb1d54a71b239aaaa1c548a2e0ac7b54

  • Size

    434KB

  • Sample

    241110-kb22sssncz

  • MD5

    d78b7d1d9cd75d0576c614d8e553f707

  • SHA1

    09c089d8e285b097ba6a730d68593216a7ec916d

  • SHA256

    9a7ed1235047807e97b3c2922505cddeeb1d54a71b239aaaa1c548a2e0ac7b54

  • SHA512

    9849762763822663ed45a7c39e174c9d5114297c18b0778a0311d450449f6029da0b46070a8a1d7d0df7765441173782f22493ea23803571d4ebefa2dd222278

  • SSDEEP

    6144:jT+p2+wmSFThVQdmWGwMLqlhC5wvsu6GZcfo0Hz21OOuq0tc+o:Pw6FHimWrJhC5Osu6G6fo0HzLOuq0tj

Malware Config

Extracted

  • Family

    redline

  • Botnet

    asia

  • C2

    45.9.20.240:46257

  • Attributes

    auth_value: 218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks