General

  • Target

    c773e840afbd5a26c727f55d3684c7178ac71733401c83465cd48c23b1f2dc7d

  • Size

    252KB

  • Sample

    241110-lqxlasvbrh

  • MD5

    d0326a068f5874139a7f920bd96732d1

  • SHA1

    0e084dabc84c319c714a4f29c30d400e034b8f7b

  • SHA256

    c773e840afbd5a26c727f55d3684c7178ac71733401c83465cd48c23b1f2dc7d

  • SHA512

    d6047f5715a7571f45588428d643ef51e47f822fa9fa5d0018f2ec4f60f9d32fb2cb89df5ee4deec7e8c1944c5ff64d7da3d3e5cf616125db515f5f123e339fc

  • SSDEEP

    6144:iHL5GYhcaac9d/k1TTLPrg+8D0B4VR+ILuO8lNfunXMhzWyB:wlGgcusTTv0VR+IL+lNfun8lWy

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • Target

      c773e840afbd5a26c727f55d3684c7178ac71733401c83465cd48c23b1f2dc7d

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
