General

  • Target

    18073498ca0f0c595c06cef8dc5c6ab0d0212b8e9f54daba1be5701290a291f1

  • Size

    434KB

  • Sample

    241110-l6ltqsxqbp

  • MD5

    c7c0652db05c699fa5b2cf714aa91068

  • SHA1

    387a09a5085506af9c1dacfbbfd0b86939fdc25e

  • SHA256

    18073498ca0f0c595c06cef8dc5c6ab0d0212b8e9f54daba1be5701290a291f1

  • SHA512

    ff542274b19a1b9fb1bd086a45d194ac226c37883e29ebfa293f2ce3dfd3dda72ec7f850100b16ae0e89bdffeee0a6fc63fced38c4a3704cd2b11daa0f89a933

  • SSDEEP

    6144:MJTpi7bxjww3MK4zPcMZ4fPHsjcm8wldunH7qorYiQI/Q+VK1I:+ihF3QPXZ8sjfBlduneorYU/Q+V

Malware Config

Extracted

  • Family

    redline

  • Botnet

    asia

  • C2

    45.9.20.240:46257

  • Attributes

    auth_value: 218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks