General

  • Target: 8b45e816f05c60a34d98cfe9ccc1dad5df3a854c0579b5418e03b4b2baf33777
  • Size: 432KB
  • Sample: 241110-kqrvdateld
  • MD5: 38d293fb4d8fb2da9ce6a7e7c5c4f3e7
  • SHA1: 342ae209d94fe81e3e32d569beb807984b7f3642
  • SHA256: 8b45e816f05c60a34d98cfe9ccc1dad5df3a854c0579b5418e03b4b2baf33777
  • SHA512: 52e8455171568313182a2710d13d40f8c54371d9979e70dac49cdd359ef4c5e529a09eb34a82f5df9b8f4d8a10c2cb71904aa50523d37e3ebe6dfced6f98cece
  • SSDEEP: 6144:yGO9Zbg+pdyt8LlZuPpTOl2eV7pw5fq22bM0harV83KpzZWK3g2tF0:VO91g+pdytWZucV2E3harS3KpMK3g2T

Malware Config

Extracted

  • Family: redline
  • Botnet: asia
  • C2: 45.9.20.240:46257
  • Attributes
    • auth_value: 218353fc70f3440d970e02bf6e2edeb1

Targets

  • RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  • RedLine payload
  • Redline family

MITRE ATT&CK Enterprise v15

Tasks