General

  • Target

    4d60f3a23e34be20f88b3d8e519a009874124d69b903bf327673ed247d434306

  • Size

    394KB

  • Sample

    241110-kngxdstdrc

  • MD5

    344b8d3d3c169934968bcef91edef538

  • SHA1

    ff5ab3c874a2cacca6bb5e25f79ee6e699baf50e

  • SHA256

    4d60f3a23e34be20f88b3d8e519a009874124d69b903bf327673ed247d434306

  • SHA512

    3e8ce68ea94ffcc88f03c9d67b7b9cc5ca0d18903b8ecbdc3efea9a82855e9eacf994a2a3b573860fa22e88faa35633ea842e3e58aaa4c980a4cde4bd4fa0851

  • SSDEEP

    6144:JvY/hfaNsYeaDDHBYolh5nkRAnlEJa7xwZ124+JXerMchss+x1UkUV:iht/a3HuUMRu7xw7f+h/wss+ck

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • Target

      4d60f3a23e34be20f88b3d8e519a009874124d69b903bf327673ed247d434306

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
